Forum Replies Created
- AuthorPosts
- Diego Pérez (Moderator)
Hi Akabueze!
Basically bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, this will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable... So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.
Here are a few solutions to try if your backdoor is getting detected:
1. Make sure that you have the latest version of Veil, so do update before doing use 1.
2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.
3. Try generating a backdoor using the fat rat, empire.
4. Modify backdoor code if it’s in bat as shown in lecture 33.
5. Modify backdoor using a hex editor as shown in lecture 40.
6. Create your own backdoor (covered in python course).
The best thing to do is look at the last lecture of the course (bonus lecture); it contains all the courses that you can take with this course and a comparison between them.
Hope it helps!
Diego
- Diego Pérez (Moderator)
Hi!
Actually I don’t know, I used Gmail as it allows less secure applications and also provides an SMTP server. So you can research if your email provider has these features, if it does then you can use it.
Greetings!
Diego
- Diego Pérez (Moderator)
Hi!
Which language did you use for your backdoor? I mean go, cs, c, python, etc. There are different options in Veil.
I’ll suggest trying a cs/tcp backdoor.
Let me know how it goes!
Diego
- Diego Pérez (Moderator)
Hi Kayoh!
Let me know how it goes!
Diego
- Diego Pérez (Moderator)
Hi!
Let me know how it goes!
Diego
- Diego Pérez (Moderator)
Hi!
First, you are attacking the Windows virtual machine, right? Cause the last photo is from a real PC but I assume it is your host machine, right?
Then please use NAT Network for both, Kali and Windows virtual machines, cause you are using NAT and the machines won’t be able to communicate with each other using this configuration. Both options are present in VirtualBox, I mean NAT and NAT Network, so it can be a bit confusing.
Let me know how it goes!
Diego
- Diego Pérez (Moderator)
Hi Tcale!
Ok, cool.
That’s weird, does your Windows machine have internet access? Can you try with a different image? Or maybe store the photo in your apache server as well and see if it works properly.
Let me know how it goes!
Diego
- Diego Pérez (Moderator)
Hi Akabueze!
About how to update I just answered you in the other question.
I haven’t used “Use Proxy” but it should be used to redirect the packets through a proxy, here you can read more about beef:
https://github.com/beefproject/beef/wiki
Hope it helps!
Diego
- Diego Pérez (Moderator)
Hi!
Run these commands:
apt update
apt install beef-xss
Greetings!
Diego
- Diego Pérez (Moderator)
Hi!
No, I mean dnsmasq, to see if you are getting any error. Also the result of running hostapd.
Let me know.
Diego
- Diego Pérez (Moderator)
Hi!
Ok, this tool won’t work against all routers, usually it would say “this router is vulnerable” or something similar, if it keeps the same I would suggest to move on cause there’s no workaround for this. Or maybe you can try to use a newer version, mdk4, it also came preinstalled in custom Kali.
Let me know how it goes!
Diego
- Diego Pérez (Moderator)
Hi Marek!
This same issue has happened to me when using big wordlists, don’t know exactly why but the command is working as the progress is being saved by john and the password will be eventually found. With a medium-size wordlist it takes some time (like 10 mins) to display aircrack-ng usual output.
Will try to look for the reason of this issue.
Greetings!
Diego
- Diego Pérez (Moderator)
Hi Tcale!
As I can see the file in Windows shows a proper spoofed extension.
The other issues are because you left the right-to-left character when compressing the file, to avoid this just clear the suggested name by the compressing tool and write a new one.
Hope it helps!
Diego
- Diego Pérez (Moderator)
Hi MK!
Here you can find an article that may help you:
https://hashcat.net/wiki/doku.php?id=brute_force_in_oclhashcat_plus_original
Hope it helps!
Diego
- Diego Pérez (Moderator)
Hi!
I think the problem is related to your adapter, it has a chipset that is not working fine with Linux anymore.
Can you share a screenshot of the result you get after running dnsmasq?
Let me know.
Diego