BYPASSING ANTI-VIRUS PROGRAMS

AV programs detect viruses based on:

1. Code - compare files to huge databases of signatures.

->Use own code, obfuscation, useless operations, encode, pack ...etc

2. Behaviour - run a file in a sandbox and analyze it.

-> Run trusted operations before evil code.

->Delay execution of evil code.

Scan the file on the following website:

NoDistribute - Online Virus Scanner Without Result Distribution

https://nodistribute.com/

Using UPX to Package the executable program.

https://upx.github.io/

Download the file from https://github.com/upx/upx/releases/download/v3.95/upx-3.95-amd64_linux.tar.xz.

And extract to the /opt folder.

Compress the evil file through UPX.

./upx /root/PycharmProjects/reverse_backdoor/dist/reverse_backdoor.exe -o compressed_backdoor.exe

Scan the compressed_backdoor.exe file, the result is a little better.

 Take your file Unique and delay to execute the evil code to let the AV program think your program is harmless.

Python Ethical Hacking - TROJANS Analysis(3)的更多相关文章

  1. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  2. Python Ethical Hacking - TROJANS Analysis(1)

    TROJANS A trojan is a file that looks and functions as a normal file(image, pdf, song ..etc). When e ...

  3. Python Ethical Hacking - TROJANS Analysis(4)

    Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Conver ...

  4. Python Ethical Hacking - TROJANS Analysis(5)

    Spoofing File Extention - A trick. Use the Kali Linux Program - Characters 1. Open the program. 2. F ...

  5. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  6. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  7. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  8. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. Windows程序设计(1)

    1. Windows程序设计基础 1.1 代码风格 #include "stdafx.h" #include <windows.h> void Alert(int i) ...

  2. go 项目目录结构

    网上有很多误人子弟的教程,   说项目下必须要有src,   傻逼玩意. 正确的路径应该是这样的: 所有go项目路径 src 项目1 项目2 项目N pkg bin 不是所有项目下必须建src, pk ...

  3. .Net Core微服务入门全纪录(五)——Ocelot-API网关(下)

    前言 上一篇[.Net Core微服务入门全纪录(四)--Ocelot-API网关(上)]已经完成了Ocelot网关的基本搭建,实现了服务入口的统一.当然,这只是API网关的一个最基本功能,它的进阶功 ...

  4. C常见错误小记(未完)

    1.指针与NULL 下面这段代码会报错: { int *a = NULL; *a = ; printf("%d",*a); } 指针初始化为NULL,还是没有分配内存,所以会报错. ...

  5. Zookeeper面试专题

    Zookeeper面试专题 1. Zookeeper是什么框架 分布式的.开源的分布式应用程序协调服务,原本是Hadoop.HBase的一个重要组件.它为分布式应用提供一致性服务的软件,包括:配置维护 ...

  6. .NET Core 选项模式【Options】的使用

    ASP.NET Core引入了Options模式,使用类来表示相关的设置组.简单的来说,就是用强类型的类来表达配置项,这带来了很多好处.利用了系统的依赖注入,并且还可以利用配置系统.它使我们可以采用依 ...

  7. LeetCode63. 不同路径 II

    这题和62题类似,只不过这里多了障碍物,只需要把有障碍物的格子的方案数设置为0即可,其他格子还是原来的走法. class Solution { public: int uniquePathsWithO ...

  8. JavaScript基础Curry化(021)

    时候我们希望函数可以分步接受参数,并在所有参数都到位后得到执行结果.为了实现这种机制,我们先了解函数在Javascript中的应用过程: 1. 函数的“应用”(Function Application ...

  9. JavaScript基础关于JSON(011)

    JSON意即JavaScript Object Notation,是JavaScript里数据表示的通用格式,JSON数据格式很象JavaScript里的对象: {"name": ...

  10. 记一次服务器被植入挖矿木马cpu飙升200%解决过程

    线上服务器用的是某讯云的,欢快的完美运行着Tomcat,MySQL,MongoDB,ActiveMQ等程序.突然一则噩耗从前线传来:网站不能访问了. 此项目是我负责,我以150+的手速立即打开了服务器 ...