Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #70682
    Ihack4fun
    Participant

    Hello,
    I am using the latest version of Kali Linux (Zsecurity)
    and also the latest version of (the Fat Rat / Veil / Empire).
    My problem is I try editing the .bat file manually and converting it to an exe, then I edit it with HxD.
    After that I add an icon to it and rename it with (RTL override) to spoof the extension.

    But after doing all of that I am getting detected by at least 10 AVs I am scanning on (antiscan.me).
    Even if it says that it's bypassing the AV I am using in my virtual machine, it gets detected, although the scanning website says it's not.

    I have tried doing the same with (download and execute payload) or embedding it in a Microsoft Office document;
    it just gets detected.
    Please help me make it undetectable.

    #70687
    Diego Pérez
    Moderator

    Hi!
    Basically, bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, which will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable...

    So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.
    Here are a few solutions to try if your backdoor is getting detected:

    1. Make sure that you have the latest version of Veil, so do update before doing use 1.
    2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.
    3. Try generating a backdoor using the fat rat, empire.
    4. Modify backdoor code if it's in bat as shown in lecture 33.
    5. Modify backdoor using a hex editor as shown in lecture 40.
    6. Create your own backdoor (covered in python course).

    The best thing to do is look at the last lecture of the course (bonus lecture); it contains all the courses that you can take with this course and a comparison between them.

    Also check out this video:

    How To Create Fully Undetectable Backdoors

    Greetings!
    Diego

    #70690
    Ihack4fun
    Participant

    Thank you.
    I have done all of that except for the Python.
    I will start the Python course after I finish this one.

    #70711
    Diego Pérez
    Moderator

    Hi!
    Cool, bypassing AVs is always about trial and error until you succeed.

    Greetings!
    Diego
