[script] for AV evasion

[killtrace]

I have download it and put it to metasploit folder,after that I ran SET create payload from menu of 16,I zip it copied to my flash,past it to my other PC and Avast still detect it o.0?

[jnpa123]

I have download it and put it to metasploit folder,after that I ran SET create payload from menu of 16,I zip it copied to my flash,past it to my other PC and Avast still detect it o.0?

it doesnt work like that, to use the script you must execute it "./crypter" (not sure if crypter is the actual name of the script) , if you really want to execute through SET you have to modify your SET

[killtrace]

somehow I can't... o.0 I did " cd /obt/metasploit (I puted crypt there ) after that I did " ./crypt.py " I get "Permission denied" :S

[LHYX1]

Did you "chmod 755 crypter.py" ??

[killtrace]

bad new new NOD Eset 5 system detect it -.-

[LHYX1]

Can you be a little more specific ? Screenshot maybe ?
Does it really flag it as a trojan or something or is it a behavior monitoring thing ?
It had to be detected sooner or later I guess. I'll look into it. Maybe it can be bypassed with minor adjustments.
I'll get a trial version and start some testing.

[zimmaro]

hi,i'm testing now!!!!!!!
the script worked beautifull versus win 7 (fully-patched)+ nod32 v5 version 5.2.9.1

+1 to lhyx1

[LHYX1]

@zimmaro thanx for testing the script with nod32 v5 version 5.2.9.1
I din't test anything yet. You were quicker

@killtrace I think you did something wrong mate

[jnpa123]

i tested it on Comodo internet security and avast 7, it doesnt get detected as virus in both cases however comodo firewall (safe mode) blocks the connection without any warning and avast auto-sandbox it

[judas1337]

i get an error?


Traceback (most recent call last):
File "./crypter.py", line 89, in <module>
a = open(payload_raw,"rb")
IOError: [Errno 2] No such file or directory: 'temp.raw'

how can i fix this?

Thank you.