Making undetected backdoor using netcat+vbs script,and hiding it in Adobeflash setup

[jmpebx]

Very cool video. I like it!

[kpriest]

fair shout but how would you detect this if you infected your self so to speak or some one ??

[pigtail23]

undetected backdoor using netcat

this is absolutly wrong. netcat will be find by all AV's. The idea with SFX and VBS is good, but very old and creative heads are know about it.

[pentest09]

Well thats what I thought but i downloaded the newsest nc and binded it with the vbs and it was not picked up by any of the top 5 Avs so maybe the sig for older nc get flagged this works and works very well tested on win 7 ultimate with ESET S/Cv4 fully updated 64bit (vid on my utube channel dgconsultinguk) thanks M0.....

Regards Dee

[Murdock69]

Hi there, nice tutorial,
NC isn't detected by my kaper AV but i have some problemes with the sfx archive, i set the absolute path to "c:" or anything else but when i start the final file (adobe_install_final.exe) all the files are on the user desktop (on Vista SP2). Is it a Vista restriction?

[sLiPpErY]

Last I checked, ncat was FUD, and personally I like it more then nc.

[skinnypuppy]

Tested in AVG, Nod32, Panda, Fprot6, VBA32, ClamWin, Kaspersky 2010, MalwareBytes . So far it's FUD. Refuse to submit to online vx scanner as I DO NOT trust them, though some say novirusthanks is ok if you select "do not submit" option.
Al3ksCrypter works (or did work, haven't tested in a while) too with nc with stub compressed by UPX.

Unfortunately, like every good crypter, it won't remain FUD long.

Good video and post to the community! Keep up the good work!

[inrikey]

i'm speachless great.

[CyclicFlux]

I know they are def. releasing new versions of netcat(also cryptcat), and I know there is always a very good lag within the update to the digital signatures database of the major virus software groups. However all one needs is a hexadecimal editor and if the virus software detects the desired program/code, the hexeditor will do the cut through the detection problem like butter, and then there's always encoding(in metasploit, or you could do it manually no doubt)

Once in the hex editor, if one isn't familiar could just cut the code down into pieces, and then see which portion of the code is causing the alarm in the Virus-Software, and then get rid of it. However its def. a good little steg insertion into the exif-data on the flash I imagine; that's always a slam-dunk, hahahaha. I know for a fact my flash non-stop never misses a chance to get down w/some hot illicit nasty exotic code, foshizz..... One things for sure my flash doesn't fall far from the tree, and as a result I am indeed very much so stoked to try this little number out! Solid Execution, and flawless form!!

[m0j4h3d]

thanks for sharing your opinions guys .. i guess when having good nc.exe then reaching to make it binded .exe file,,,all is good .. but when changing the icon you could face the detection .. even if you just made it sfx and you want to change icon so you could face the detection .. but its not detected with some .. even with original ...
REGARDS BOYS