I would like to know if there is a way to crypt to bypass antivirus a payload/backdoor generated with msfvenom.
I searched google but its not clear to me.
I read about encoders and all that , but the only 64 bits encoder that i find in msfvenom is x64/xor(i tried it but avast detects it still) , because i want to test on 64 bits virtual machine with avast installed on it.
When it comes to windows defender its pretty easy to bypass it but avast always find it and move it in quarantine.
Is there a way , considering i only test on 64 bits machine ?
Thanks.
7 Responses
you can use veil-evasion and use payload number 32 it uses AES algorithm to encode payload that should evade bypass AV
I will look at veil-evasion thanks.
Actually i found an article about it here on NullByte https://null-byte.wonderhowto.com/how-to/hack-like-pro-evade-av-detection-with-veil-evasion-0162363/
Also i would like to know if there is a safe site to test if my payload are fud ( i mean a site that does not report) .
i recommend to do it yourself on a Vm this could be annoying but it's seems the best option for me
Thats what I just did, I made the payload in Kali, transferred it to my VMware windows machine and scanned it with avast and its all good, avast say its not a virus:)
Note I need to know how to bind this payload with a windows executable for example a game or app.
use shellter
I think that highly depends on the game. If you're DLL injecting then some games simply use all DLLs in say the "gamedll" folder.
Other games have specific lists.
Although if you can embed the code in an alraedy exiting game DLL, I guess that'd be the best option.
Although why do that? The payload would be gone once the game is shutdown unless it's programmed to do otherwise.
Share Your Thoughts