Hi everyone.
These days I was looking into bypassing AVs and I was able to evade a bunch of them but I'm struggling to bypass Norton sonar which can detect my meterpreter connection even though I was able to create a clean payload and before I ask I looked into some solutions like using Enable Stage Encoding in MetaSploit but it didn't bypassed the AV so anyone here have an idea on how to encrypt my connection so no AV can detect it.
Thanks
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
How To:
Dox Anyone
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Make Your Own Bad USB
How To:
Perform Advanced Man-in-the-Middle Attacks with Xerosploit
How To:
Seize Control of a Router with RouterSploit
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
How To:
Top 10 Things to Do After Installing Kali Linux
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
Mac for Hackers:
How to Install the Metasploit Framework
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
How To:
Hack Open Hotel, Airplane & Coffee Shop Wi-Fi with MAC Address Spoofing
How To:
How Hackers Use Your IP Address to Hack Your Computer & How to Stop It
How To:
Crack Wi-Fi Passwords—For Beginners!
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
4 Responses
Do you know exactly what's causing the problem? Is the payload itself getting detected by signatures or heuristics? Where is it being detected: before or while running? Have you tried crypting it?
The payload is a bat file that contains a power shell script and it doesn't get caught by the signature or heuristics. The problem is when I try to connect to the victim machine Norton detect my connection and gave me at the bottom right a pop up telling me that someone is trying to connect to my computer using reverse https attack.
So it's a firewall issue? I'm not exactly sure about the details of PowerShell but is there some way you can inject the process into an existing process which connects online (like Skype) and use that to conceal your intent?
It appear that the block was caused by the "Intrusion Prevention" it this feature in Norton automatically blocks Internet attacks aimed at taking advantage of a vulnerable program.
Share Your Thoughts