Point taken... On Thu, Mar 11, 2010 at 12:12 PM, Rob Fuller <[email protected]> wrote:
> Write your own? ;-) So most of the AVs flag on the public javascript > strings that are used to exploit the vulns, so no matter if you put calc.exe > in as a payload or Sub7 you'll still flag. > > However there are "other" ways to trigger them, I am told... > > > -- > Rob Fuller | Mubix > Room362.com | Hak5.org | TheAcademyPro.com > Ignore this: > x5o...@ap[4\pzx54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* > > > > On Wed, Mar 10, 2010 at 3:41 PM, Craig Freyman <[email protected]>wrote: > >> Is there a clever way to obfuscate a pdf exploit/payload? All of my nasty >> pdfs are being picked up by my AV. Looks like this will be in msfencode in >> 3.4 http://www.metasploit.com/redmine/issues/706 but wondering if there >> was a way to do it now. >> >> Thanks, >> >> -Craig >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
