Hi, it doesn’t seem that the backdoor generated has problems. However, I think this is because the Windows virus detector automatically detects the backdoor file as a threat and prevents installing it, even though I force it to run the file. After I click to run the file, Windows recognizes it and automatically deletes it. Because the file isn’t launched fully on my Windows virtual machine, the results of the target computer are not showing.
I tried antivirus scans on nodistribute and antiscan, but it appears on nodistribute that ‘either the file is empty or there’s a problem in the file.’ Nodistribute doesn’t seem to work on my computer. Antiscan states that the file with this format can’t be scanned. Only the ones that are ‘transformed,’ such as, to a Word document or a PDF, can be scanned. Are there any other antivirus scan methods?
If the backdoor I generated gets detected by most antivirus scan programs, how can I modify it to be undetectable? In the case of Veil, I’ve learned in the lesson that ‘PROCESSORS’ and ‘SLEEP’ can be changed, but I’m not sure what values to change to. Also, is it okay to set LPORT to a value that’s different from 80 or 8080? (80 and 8080 are the port numbers that most internet servers are using, right?) Are there ways to modify backdoors that are generated via TheFatRat, too?
Thanks.