Armando

[ELS-TUT] Evading Antiviruses with msfencode

Poll: How do you like this video? (8 members have voted)

    • Excellent: 6
    • Good: 2
    • Bad: 0


Armando

New video available on our YouTube channel!

Here you can see the difference between using staged and non-staged shellcodes from a functional point of view and from the perspective of a pentester who wants to evade AVs. Then we dive into msfencode and its usage to bypass AVs.

Congrats to matugm for his great job.

Please rate this video and show your immense gratitude to matugm :)

ps_2700

Such an excellent tutorial!! Thanks matugm for this illustration.

I have a question, is it possible to camouflage a payload to be 100% undetected by using an in-house encoding rather than public encoding engines? How difficult? :blink:

matugm

Yes, it is possible to get 100% from all well-known AVs using a private encoding engine, but I would say 99% just in case, because some might still flag it via heuristics. If you want to try for yourself, find some underground forum where some of those encoders are regularly posted; just take care when playing with this kind of stuff and do it on a VM. Also, you want to check that the payload still works, because the encoding process can break it. But if you wanna get an idea of how this works, take a look at this video.

"I piss on your AV" (offensive security)

You can even try to reproduce this if you are comfortable with OllyDbg, but I can already tell you this technique won't work with most of today's AVs (I tried it myself, even with some variations).

typeOne

Thanks for the ShmooCon presentation link, watching now... B)
