
Using Metasploit to Bypass AntiVirus Detection

 
 

In this video we will look at how to convert Metasploit payloads into EXEs which are undetectable by antivirus products. We will use the Metasploit framework to create these EXEs. The entire process boils down to two simple steps: first, use msfpayload to convert the payload into raw format; second, use msfencode to encode this payload to avoid detection and convert it into an EXE. Both steps are demonstrated in this video. The author then demonstrates how a fully updated version of AVG is unable to detect the newly created EXE.

Thanks to Amit Malik a.k.a. DouBle Zer0 Zer0 for submitting this video to SecurityTube. For those of you who are interested in understanding more about antivirus evasion techniques using Metasploit, I would highly recommend reading the paper "Effectiveness of Antivirus in Detecting Metasploit Payloads" by Mark Baggett from the SANS Institute.


 

 

Author
Vivek-Ramachandran

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at the world-renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World and other news agencies. In 2006, Vivek was announced as one of the winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement award at Cisco Systems for his work on the 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security-Freak.Net and SecurityTube.Net, and is the co-founder of Axonize. Vivek holds a Bachelor's degree in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati. You can contact him at vivek[at]securitytube.net

 
©2007 Freak Labs