Practical Exploitation: Rob, Could you cover anti-virus evasion? I was going through Metasploit Unleashed and they have a small section on this. I tried to create a payload of windows/shell/reverse_tcp using mfspayload. This wasn’t supposed to be caught by AVG according to the course, but it was. I tried encoding it with mfsencode but it was still caught by AVG. Is there some vodoo to get around anti-virus?

Rob,

Could you cover anti-virus evasion? I was going through Metasploit Unleashed and they have a small section on this. I tried to create a payload of windows/shell/reverse_tcp using mfspayload. This wasn't supposed to be caught by AVG according to the course, but it was. I tried encoding it with mfsencode but it was still caught by AVG. Is there some vodoo to get around anti-virus?

jeffhnet

Will do, you aren’t the first to ask, it’s on the list of To-Dos

We aren't here to talk about theoretical hacks, or "If" scenarios. Call bullshit on us for anything you can't get working or don't think actually happens.

Want a white paper put into perspective? Can't quite figure out how a tool or exploit works? or works into a pen test? Thats what we do, shoot a comment, tweet, facebook update our way and we'll feature it on a show. You can also post a question right here:

Ask a Question

Practical Exploitation on Facebook

My Blog All of Tumblr

Follow on Tumblr

RSS Feed

Random

From the desk of Mubix and friends:

Real world exploitation examples