Metasploit mailing list archives
Re: Encodding a payload in a PDF for AV subversion (Peter Fellini)
From: "Scott McClellan" <Scott.McClellan () tn gov>
Date: Mon, 06 Jun 2011 14:22:02 -0500
Yes...you can pick one of the PDF exploits using msfcli, and then pipe it to msfencode. I haven't used msfvenom yet, but I think it would save a couple of steps, and maybe make things less complicated. By SEP-11, do you mean Symantec EndPoint Protection? You may have to do some trial-and-error to build a poison PDF that will bypass SEP. Message: 5 Date: Mon, 6 Jun 2011 14:54:45 -0400 From: Peter Fellini <p_fellini () hotmail com> To: <framework () spool metasploit com> Subject: [framework] Encodding a payload in a PDF for AV subversion Message-ID: <BAY160-w229C7F577717B1204B644F8D600 () phx gbl> Content-Type: text/plain; charset="iso-8859-1" Is there any way to Encode a payload inside a PDF to subvert SEP-11. Thanks Pete
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: Encodding a payload in a PDF for AV subversion (Peter Fellini) Scott McClellan (Jun 06)