msfencode ??

[BurningDownBabylon]

I have a question about msfencode... It seems that now matter how times I encode my meterpreter executable I cannot beat my own antivirus (AVG) at scantime or runtime... I have tried multiple combinations of encrypters as well as encrypting it multiple iterations for each encrypter.

Has anyone actually been able to to make an exe undetectable with msfencode?? If so can you suggest a combination of encrypters to use?? Also will this only work at scantime?? runtime?? both?

[WolverineOD]

I have a question about msfencode... It seems that now matter how times I encode my meterpreter executable I cannot beat my own antivirus (AVG) at scantime or runtime... I have tried multiple combinations of encrypters as well as encrypting it multiple iterations for each encrypter.

Has anyone actually been able to to make an exe undetectable with msfencode?? If so can you suggest a combination of encrypters to use?? Also will this only work at scantime?? runtime?? both?

Do some research on how antivirus's detect "virus's", also visit Metasploit Unleashed - Mastering the Framework Should answer your questions.

[OwlPic]

Well asaik a lot of the AV Companies aren't stupid and either run a Heuristic Scanner (so the code will be detected when run) or can detect the default msf encoders.

My advice is, write your own and implement it into msf.
I myself see msf not as an Encoder/Exploit Kit to Kill. But as a Framework to store and keep all my exploitation stuff together and writing easy/clean code instead of C code all the time to do the same.

Cheers,
Owl..

[seanile]

My problem with msfencode is I can create an exe and copy to my xp box but when I try and run it on the xp box I get the error " Windows cannot access the specified device, path, or file".
In BT4 chmod +x file.exe
ls -l file.exe shows -rwxr-xr-x 1 root
any pointers please