steevel69007


  1. Thanks guys for your answers.
     For the questions asked:
     - My original file is coded in C#.
     - The file is for a local deployment (not a remote attack). I want to test it on one of my computers, which runs Win 7 x64. So I don't use shellcode as Metasploit does. I just used msfvenom for its encoding capabilities. I remember msfencode could encode its own payloads but also custom provided files. The idea is similar to the trapped attached files you can find in custom mails... But no need to mail because... it's my own computer!!!
     - For DLL injection, the application will start one time but will be unable to start at every machine start because it is buffered in memory.
     I think maybe msfvenom is not an appropriate tool to do that. I saw Windows apps that seem to be able to obfuscate in this way, but I don't trust them because there are no good security tools working on W (with a good update rating).
     Thanks
  2. Hi, I'm Steeve and I'm new on this forum.
     I wrote a keylogger in the C# language, compiled as an .exe file (perfectly working but detected by AV). Then I tried to make it efficient and stealthy. I chose the following 'methodology':
     - Create the ".exe" PE (recognized by AV)
     - Encode the ".exe" file (with several encoding methods) in order to bypass AV
     - Put the encoded ".exe" in an auto-extractable archive with command lines (auto start in register, launch itself for the first launch)
     - Encode the archive with the same method
     - Join the encoded archive with a file
     - Encode again
     First question: is my methodology good?
     Then, I tried to encode with msfvenom using the following command line:
     msfvenom -p -< /root/Desktop/myfile.exe > root/Desktop/myencodedfile.exe -f exe -i 20 -a x86_64 --platform windows -e x86/shikata_ga_nai
     Msfvenom succeeds with the encoding, AV doesn't detect malware anymore, but when I launch the PE (on a Win 7 x64), it does nothing, stays a few seconds in the taskmgr and disappears... With no error window...
     So I thought it was a buffer overflow crash due to invalid characters such as x00, xff, x0a, x0d. Then I tried the following:
     msfvenom -p -< /root/Desktop/myfile.exe > root/Desktop/myencodedfile.exe -f exe -i 20 -a x86_64 --platform windows -e x86/shikata_ga_nai -b '\x00\xff\x0a\x0d'
     But the encoder returns an error due to bad characters. I need help with that.
     Thanks.
  3. My name is Steeve
     Favourite game: Chess
     Favourite OS: Debian
     Favourite console: none !!!
     Nationality: French
     Accent: Bad English
     Sex: Male
     Race: White European
     Height: 1m75
     Build: god-like, of course
     Favourite band: Jimi Hendrix Experience
     Favourite book: Nine Princes in Amber
     Favourite author: Roger Zelazny
     Favourite movie: Once Upon a Time in America
     Favourite director: Pasolini
     Favourite TV Show: Shameless
     Favourite actor: Al Pacino
     Favourite actress: Cate Blanchett
     Favourite Pinup:
     Favourite Comedian: Monty Python
     Other hobbies: Programming, boxing
     Car: none
     Occupation: Worker