Penetration Testing mailing list archives
Re: hiding netcat from AV
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Thu, 31 Jul 2008 15:00:11 +0300
Hi. I've recompiled the sources using mingw (gcc). This hides it from Kaspersky. 2008/7/31 James Kelly <macubergeek () comcast net>:
Hi I'm researching the various ways to hide netcat from AV The most success I've found is with an idea I got from the new Syngress netcat book. basicly add a commented out text block near the top of netcat.c and recompile I tried this with about 20 lines of random hex and uploaded it to www.virustotal.com with great success. Has anyone had success with exe encryptors? I've tried telock and it seems to have little effect on AV detectability. Jim ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes inSecuring Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- hiding netcat from AV James Kelly (Jul 30)
- Re: hiding netcat from AV Paul Melson (Jul 30)
- RE: hiding netcat from AV Roni Bachar (Jul 31)
- Re: hiding netcat from AV Gleb Paharenko (Jul 31)
- Re: hiding netcat from AV Chris (Jul 31)