Is there any (hopefully easy) way to figure out the AV used by target if they are behind a NAT device? I was having troubles scanning them with nmap/xprobe2.
I have their external IP and know they are using Windows 7 and Google Chrome if that helps any.
3 Responses
i dont think so but you can use some social engineering tricks to get info about his AV. like you can ask him about the best anti virus and the answer will be his Anti virus ;)
Chris:
There is no good way to detect the antivirus software remotely. Once inside the system, there are multiple ways and ways to disable it.
I assume you are trying to bypass the AV while exploiting the system remotely. I would suggest testing your exploit and payload on one of the major AV software publishers (Norton, Kaspersky, McAfee, etc) and see whether it detects the signature on your system. As all the major AV software publishers use similar or identical signatures, if they don't detect your payload, it is likely that your payload will not be detected on the victim system.
OTW
it's a good one mate :D
Share Your Thoughts