Metasploit mailing list archives

Re: psexec vs NOD32

From: c0lists <lists () carnal0wnage com>
Date: Tue, 6 Sep 2011 12:17:22 -0400

how bout a useradd payload then you can just rdp in or just
authenticate via another available service?



On Tue, Sep 6, 2011 at 11:55 AM, Anton Sapozhnikov <anton.a.sa () gmail com> wrote:

Hi!

I'm trying to launch windows/meterpreter/bind_tcp with
exploit/windows/smb/psexec
But NOD32 is killing my payload just after “[*] Deleting \KoVCxCjx.exe...”

Could you suggest me some method to trick NOD32?


btw: there are no firewalls between me and hacked server.
--
Anton

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

psexec vs NOD32 Anton Sapozhnikov (Sep 06)
- Re: psexec vs NOD32 c0lists (Sep 06)
  - Re: psexec vs NOD32 Jonathan Cran (Sep 06)