Forum Thread: How to Crypt or Bypass Av with Darkcomet Stub?

I recently started experimenting with Darkcomet rat and some of it's features really appealed to me. Nevertheless I do not succeed in getting the stub or payload created with Darkcomet past the AV of my other computer. Is there anyone who could help me with this problem?

12 Responses

Do you know how crypting technology works? Do you know how AV software works? If your answer is no to both or either of these questions then of course you you cannot solve this problem. Have you tried experimenting with free options such as Veil Evasion?

I am completely new in crypting but I'd like to start learning it. However I do not know which crypting software I should use to crypt my existing payload. When I tried using Veil-Evasion it provides me with a new payload that can get behind security walls but I do not understand how to do this with an existing payload.

How well do you know C and/or the WINAPI?

I am learning C++ but Veil-Evasion works only for python right and the stub that DarkComet creates isn't.

Here is the source code to Veil Evasion's C WINAPI method. Take your time to look over the code, research the functions and understand the bigger picture. Once you know how everything works, apply your own methods.

GitHub

Thanks alot

let me break it down for you. DarkComet is one of the most well known RATs and therefore 90% of all the AVs you find will know its algorithm and therefore it is useless unless you change the payload, or code your own Crypter (which is for very experienced programmers) my best advice is to find a different rat.

the reason why you need to code your own crypter is because every free crypter you see will be useless, and I guarantee that it will. Because when a software is free, it means anyone in the world can download it, which means white hat hackers and anyone who wants to protect people can download the malware study it and find its algorithm. Even the paid ones are hard to find working because some are willing to pay a hacker for his crypter and they then find the algorithm and again patch it. So again, build your own or go with a different rat.

well after you make it,you can encode it,but you need some skills.and by the way darkcomet must have virus in it,because

  1. it's free.

2.i don't see any official site of that to download.

Darkcomet is a virus

i know it's a r.a.t but the program that you use to create that virus may have virus too,u can never know for sure

True, I posted this weeks ago so I am now fully convinced about using metasploit instead

Share Your Thoughts

  • Hot
  • Active