On 3/18/10 11:54 AM, Rob Fuller wrote: > Wait.. a software you pay for gets caught by AV?
To be fair, Core does not market their product as "Use IMPACT to bypass AV all the time!". In fact, at times they may actually bypass 98% of the AV out there, but then AV vendors update sigs and techniques and catch them, then Core may update the agent, etc... In my experience, Core bypasses most of the AV out there, but nothing something like msfpayload or upx can't fix ;) Cheers, Paul >By itself or are you > always binding it and the binder is triggering AV? > > > -- > Rob Fuller | Mubix > Room362.com | Hak5.org | TheAcademyPro.com > Ignore this: > x5o...@ap[4\pzx54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* > > > > > On Thu, Mar 18, 2010 at 11:05 AM, Brian Judd <[email protected]> wrote: >> Does anyone know of a good packager/installer that can get a Core Impact >> agent past AV detection? I used NSIS in the past, but it seems to be >> getting caught now. Thanks! >> >> >> >> Brian Judd >> >> This message (including any attachments) may contain confidential >> information and is intended only for the individual to which it is >> addressed. If you are not the intended recipient, please delete this message >> and contact the sender. You are also hereby notified that any review, >> disclosure, copying, or distribution of this message, or the taking of any >> action based on it, is prohibited. >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com -- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
