Hi all

Been messing with the framework over the past few days.

In all of the tutorials I have found so far (including the one on Offensive Security) people talk about using msfpayload and msfencode to create a trojan.

However, no matter how much I encode, my AV still finds it. I'm using McAfee VSE 8.8.

I have tried with

windows/meterpreter/reverse_tcp
windows/vncinject/reverse_tcp
windows/shell/reverse_tcp
windows/shell_reverse_tcp

Each non-encoded and encoded with 2 encoders 10 times each.

The last one apparently should bypass AV because it only contains enough code to execute the connection, with the rest of the code sent by the attacking machine after it establishes.

However, after dumping the file on my Windows box and scanning it, it gets picked up every single time.

Am I doing something wrong, or has AV just come along since these guides? Is there a new method?