Description: In the 2nd part I generate a reverse Meterpreter shellcode using MSF, then from a Python source I build a single EXE file that launches the payload. The listening part is MSF's multi/handler running in a BackTrack 5 VM.
Not shown in the video, but I had tested the same executable before on a Win XP SP3 machine with Avira installed - no alerts were made.
Tags: metasploit, python, shellcode, anti-av
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Thanks a lot man, I don't do Python programming but your code is easy to understand, tested with www.virustotal.com and there are no warnings about it, thanks again
Interesting. Mark Baggett blogged about this technique here http://pen-testing.sans.org/blog/2011/10/13/tips-for-evading-anti-virus-during-pen-testing on Oct 13 and you publish these videos 3 days later (Oct 16) as your own. While the videos are a good demonstration of the technique, plagiarism is not cool or well received by the community. Just ask the InfoSec Institute and Gregory Evans.
I don't pretend to be an author. And the video was published on November 4th. I'm gonna find the source link and post it here...
@LaNMaSteR53: I've checked out my bookmarks and that's the exact link I used as a source for video demonstration. Of course, thanks to Mark Baggett (the SANS Institute).
The only modification added by me is the shellcode XOR'ing (that piece of Python code is not mine, but I can't remember now where I found it).
great man! thanks a lot!
keep on going!
made your life a lot easier http://insecurity.ro/forum/index.php?topic=293.0
thanks for the video bud
@j0k3rr: I've taken a look at the link above, thanks!