Chris The "evil bin" is already a payload encoded like that ;)...evasion works great.. but the user realizes of being tricked into an execution of a program that does not what he would expect... Then wanted to pack into a setup ..or another trusted bin ... Hope to have explained better!...however thanks David
Il giorno 05/feb/2010, alle ore 15.12, Chris Keladis <[email protected]> ha scritto: > On Fri, Feb 5, 2010 at 6:31 PM, NetEvil <[email protected]> wrote: > >> Hi guys, >> In my pentest i have 2 binaries, the first evil and the second >> trusted..both undetected by AVs.. >> But when i pack them together...(I've tried many tools..) the >> resulting bin is often detected as "evil packed file.." or something >> like that...and this is not stealth as i would it to be... > > Check out.. > > http://pauldotcom.com/wiki/index.php/Episode125#Pass_.233_-_Metasploit_.28svn_version_as_of_9-28-08.29_Payload_Encoded_With_Shikata_Ga_Nai > > Might help. > > > Cheers, > > Chris. > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
