
Creating a FUD Payload


Hey, I’ve been looking into ethical hacking recently and I’ve been really struggling to create a truly FUD payload that evades AV (Windows Defender I’m fine at avoiding). I’ve tried various options (listed below) and none so far have been successful in creating a meterpreter session.

So I was just wondering if you guys know any less-known techniques that might work for successfully creating a payload and obtaining remote control to test and analyze on systems (I’m assuming delivering payloads and running them on the victim is the only option for remote control, as all remote exploits like EternalBlue and DoublePulsar are patched on modern PCs, right?). Also, even when I disable AV on the target and run the payload, the session doesn’t open, so I’m guessing the port isn’t open on the victim (443 I’m trying), so will I have to find a way to open that port in my file or disable the firewall completely?

Also just a guess, do you think generating payloads via less used RATs like Cobalt Strike will be more successful?

Thanks!

Methods Tried

- MSFvenom shikata_ga_nai encryption, Python payload to exe (via PyInstaller and Fern Obfuscator); got 2 hits with this on VirusTotal.com, but Norton on the victim still discovered it and running it didn’t connect (Norton labels it as a “heuristic virus”). Tried staged and stageless payloads, as well as HTTPS or reverse_tcp.

- PowerShell one-liner command (Norton intercepts and disables)

- Regsvr one-liner command (again picked up by Norton)

- Custom VBS script compiled to an exe (picked up and unable to connect to attacker even without AV on)

- Phantom and Veil-evasion (both picked up by AV)

- AsyncRAT with custom payload (picked up by AV and didn’t work when run)

- PowerShell RAT (didn’t work)
