- This topic has 17 replies, 4 voices, and was last updated 4 years, 7 months ago by Sithum Nimlaka Abeydheera.
- AuthorPosts
- May 7, 2020 at 4:20 pm #36102Sithum Nimlaka AbeydheeraParticipant
Zaid,
Can you apply new method for AV bypass ?May 7, 2020 at 4:28 pm #36103Sithum Nimlaka AbeydheeraParticipantZaid,
Can you show how i encrypt our backdoor ?May 8, 2020 at 3:56 pm #36204Zaid SabihModeratorHave you gone through the whole course Sithum? cause you asked about mail spoofing and AV bypass methods and all of this is covered in the course.
The course covers 5 ways to bypass AV programs.May 8, 2020 at 5:39 pm #36219Sithum Nimlaka AbeydheeraParticipantno, zaid it is are detected by antivirus guards
May 8, 2020 at 5:40 pm #36220Sithum Nimlaka AbeydheeraParticipantZaid,
Can i know what payload is the best one in veil.May 9, 2020 at 6:31 am #36278Diego PérezModeratorHi Sithum!
There’s no like a magical recipe for this. You can try with the different payloads in Veil, this will help to improve your knowledge. Also take good notes about what you’ve found.Basically bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, this will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable ……..
So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.
Here’s a few solutions to try if your backdoor is getting detected:
1. Make sure that you have the latest version of Veil, so do updated before doing use 1.
2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.
3. Try generating a backdoor using the fat rat, empire.
4. Modify backdoor code if its in bat as shown in lecture 33.
5. Modify backdoor using a hex editor as shown in lecture 40.
6. Create your own backdoor (covered in python course).
The best thing to do is look at the last lecture of the course (bonus lecture) it contains all the courses that you can take with this course and a comparison between them.
Hope it helps!
DiegoMay 9, 2020 at 7:17 am #36296Sithum Nimlaka AbeydheeraParticipantI have buy python course. But i not completed it..
Thankyou diego
May 10, 2020 at 6:38 am #36396Diego PérezModeratorYou’re welcome Sithum!
Remember that this courses are complementary so try to tie all the info you got to make it work!Greetings!
DiegoMay 12, 2020 at 5:38 pm #36650Sithum Nimlaka AbeydheeraParticipanthttps://blog.netspi.com/10-evil-user-tricks-for-bypassing-anti-virus/
I found this article in google. what you think about it ?
May 12, 2020 at 6:23 pm #36651qwefmlParticipantHi, Sithum, because the admins are really slow in answering the questions, I thought maybe I would ask you. Did you try to make the bat file from Download & Execute Payload? It doesn’t work for me (as almost everything from this course), it gives me an error of “w is not recognized as an internal or external command”.
Did it work for you?
May 13, 2020 at 3:05 am #36678Sithum Nimlaka AbeydheeraParticipanthi qwefml
yes it is work for me ?May 13, 2020 at 4:18 am #36684Sithum Nimlaka AbeydheeraParticipantAre you recheck your code ? and are you in same network ?
May 13, 2020 at 7:30 am #36712Diego PérezModeratorHi Qwefml!
Make sure that you’re using the same payload when generating the backdoor and when using multi handler, if you’re already doing that then try using a different port, if you’re still having issues then please show me the following please:1. Result of ifconfig in Kali.
3. The result of ipconfig in Windows.
3. The result of options before generating the backdoor.
4. The result of show options before running the multi handler.
5. Your download and execute fileLet me know.
DiegoMay 13, 2020 at 7:50 am #36719Sithum Nimlaka AbeydheeraParticipantI want some reply for this
#36650May 14, 2020 at 7:35 am #36816Diego PérezModeratorHi!
It’s an old article but it may work, have you tried any of the suggested there?
Greetings!
Diego - AuthorPosts
- You must be logged in to reply to this topic.