Script for simple AV evasion (tested on AVG, Avast, Emisoft)

[LHYX1]

Oh I was a little bit confused because in backtrack 4 your Desktop directory was in /root/
Thanx for pointing that out

[cgelici]

TIP:

You can replace

Code:

cd /tmp
wget http://www.watismijnip.be/ 
cd /tmp
cat index.html | grep "Your IP address is" >> ip.txt
cat ip.txt | cut -d\: -f2 >> ip2.txt
cat ip2.txt | cut -d\Y -f1 >> ip3.txt
sed -i "s/ *//g" ip3.txt
cat ip3.txt | sed s/.$// >> ip4.txt
rm ip.txt
rm ip2.txt
rm ip3.txt
ip=$(cat  $"ip4.txt")
rm ip4.txt
rm index.html

with

ip=`curl ifconfig.me`

[LHYX1]

Thanx man
Now I feel stupid writing those 14 lines of code

[cgelici]

Dont sweat it. You can find lots of usefull commands at commandlinefu.com

waar in België woon je ?

[LHYX1]

I'll check it out.

[dexter92]

Hahahaha this code is so TRIVIAL... I mean, the payload stored in .c is not even encrypted, and just a few strings were added... I just can't believe that AVs actually do not detect that as a virus... (And they really don't, tested!)
LOLOLOLOL!!!

[timdecker]

Will this work for arp with ettercap to capture plain http? Right now I CANNOT do it with av/firewall enabled, only works when disabled.....so will this script allow me to poison and capture?