catchyanow
Posted December 30, 2009

I have managed to make a batch file that will stop all (or most anyway) security services that prevent our tools from running. It is a simple batch file and I think that with a bit of editing it can be implanted into Switchblade.

Credit: The guys at Hack Forums.net and DELmE's Batch Virus Generator v 2.0. Thanks guys.

Download: Media Fire Rapidshare, Mega upload and LOTS more (Multiupload.com)

If you need to kill another process just tell me what it is and I will add it to the list and update the links. :D Hope all of this helped.

catchyanow (Author)
Posted December 30, 2009

Sorry about the double post lol

sablefoxx
Posted January 2, 2010

Call me crazy but I think most AVs today run at the kernel level, so a simple .bat file won't kill them... How much testing have you done (I could be wrong)?

pyr
Posted February 19, 2010

Let's see it...

The command "tskill" does not exist anymore on Vista/7. Up to now I don't have this command on my Vista nor 7. Assuming "taskkill" command on XP+Vista+7.

Let's see your file on my XP SP3, with Avast & Antivir Avira & Norton:

- Avira detects it as "virus batch" and deletes it.
- Avast too, as trojan.
- Nothing for Norton.

IT DOES NOT WORK AT ALL (see log: http://pastebin.com/f3eb3c9cd ) "Access is denied." Antivirus's still up ;) They run in kernelland, so your lazy batch can't shoot them..

Moreover, you don't even RTFM, you should have used: taskkill /F (force to terminate the process) and /IM for imagename (process name).

The same for the firewall, the good command is: netsh firewall set opmode mode = disable >nul

AVkillers in userland NEVER work and will NEVER work.

operat0r_001
Posted February 19, 2010

First off, it needs to run as system ... so you would need to use something like http://rmccurdy.com/scripts/procexp%20as%20system.exe or http://rmccurdy.com/scripts/RUNAS_SYSTEM.vbs (XP).

I would start over and use something like getcountermeasure script and work backward to a .bat:

http://www.google.com/search?q=metasploit++getcountermeasure
http://rmccurdy.com/scripts/quickclean.txt ( some M$ batch foo )