WOOOOOH!
worked perfect!!!many thanks!
now 16.17 hour european(italy)
attack MY windows seven sp1 (update today!!!)with firewall and NOD32(update this morning)))
many,many thanks
good job
NOW i've meterpreter sessions !!!!!!
very good
bye
Script for simple AV evasion (tested on AVG, Avast, Emisoft)
Hey,
I wrote a simple shell script to bypass AV's like AVG, Avast and emisoft.
It certainly will not bypass all AV's. Just the easy ones
The script can be downloaded here : http://home.base.be/%72%68%69%6E%63%...reatetrojan.sh
I saw somebody demonstrate this method of av evasion in a youtube video and I decided to write a script for it to speed up the process.
The script let's you choose between 2 payloads. the meterprer/reverse_tcp and the shell_reverse_tcp. (feel free to add more)
It let's metasploit generate the code for the payloads and then puts them in a template.c from the metasploit framework and fils it with some random junk and then compiles it with mingw32. So be sure you have mingw32 installed
The script also has the option to use your external ip adress and will look it up for you on a Belgian website.Code:apt-get install mingw32
This is just a fun feature I added. So don't use it for anything illegal
If you want to scan the trojan the script creates with multiple AV's, pls use http://vscan.novirusthanks.org/
And be sure to select the "do not distribute this sample" option so it won't get detected that quickly.
If it get's detected after a month or so, you can always change the variable names and the random junk in the c file.
This will probably make it undetectible again for the easy AV's ofcourse
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
WOOOOOH!
worked perfect!!!many thanks!
now 16.17 hour european(italy)
attack MY windows seven sp1 (update today!!!)with firewall and NOD32(update this morning)
many,many thanks
good job
NOW i've meterpreter sessions !!!!!!
very good
bye
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
Glad you like it
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
nice bro.....!!! i test it work like cancer hahahaha!!!
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
gd work boy .... go fw
---> 3v3RY D4y P4ss3S 1 f0uNd N3W th1NGs <---
Knowing how 2 use BT dsnt mean that u r hacker
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
man .. i tried it .. but i cannot see the file results !!! any idea
---> 3v3RY D4y P4ss3S 1 f0uNd N3W th1NGs <---
Knowing how 2 use BT dsnt mean that u r hacker
Riferimento: Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
this is beautiful!!!!
XD
great job!!!
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
Will be trying it out soon...many thanks
If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
What do you mean ?Originally Posted by m0j4h3d
you can't find the exe output file of the script ?
It's in /root/Desktop and the script also asks you if you want to copy it to /var/www
This script was written for the gnome version of backtrack. So if you use KDE I think you need to change /root/Desktop to /root/ in every line.
Last edited by LHYX1; 07-19-2011 at 03:11 PM.
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: Script for simple AV evasion (tested on AVG, Avast, Emisoft)
hi,i'm testing the script in kde and gnome .the result it's the same for defaullt locate!!!!
*************************************
Trojan created !
Location: /root/Desktop/riciao.exe
*************************************
WORK PERFECT!and it's wonderful! thk!(sorry my english)
Posting Permissions