catchyanow Posted December 30, 2009 Share Posted December 30, 2009 I have managed to make a batch file that will stop all (or most anyway) security services that prevent our tools from running. It is a simple batch file and I think that with a bit of editing it can be implanted into Switchblade. Credit: The guys at Hack Forums.net and DELmE's Batch Virus Generator v 2.0 Thanks guys. Download: Media Fire Rapidshare, Mega upload and LOTS more (Multiupload.com) If you need to kill another process just tell me what it is and I will add it to the list and update the links. :D Hope all of this helped. Quote Link to comment Share on other sites More sharing options...
catchyanow Posted December 30, 2009 Author Share Posted December 30, 2009 Sorry about the double post lol Quote Link to comment Share on other sites More sharing options...
sablefoxx Posted January 2, 2010 Share Posted January 2, 2010 Call me crazy but i think most AVs today run in the kernel level, so a simple .bat file won't kill them... How much testing have you done (i could be wrong)? Quote Link to comment Share on other sites More sharing options...
pyr Posted February 19, 2010 Share Posted February 19, 2010 Let's see it... The command "tskill" does not exist anymore on Vista/7. Up to now I don't have this command on my Vista nor 7. Assuming "taskkill" command on XP+Vista+7. Let's see your file on my XP SP3, with Avast & Antivir Avira & Norton : - Avira detects it as "virus batch" and delete it.. - Avast too, as trojan - Nothing for norton. IT DOES NOT WORK AT ALL (see log : http://pastebin.com/f3eb3c9cd ) "Access is denied." Antivirus's still up ;) They run in kernelland, so your lazy batch can't shoot them.. Moreover, you don't even RTFM, you should have used : taskkill /F (force to terminate the process) and /IM for imagename (processus name) The same for the firewall, the good command is : netsh firewall set opmode mode = disable >nul AVkillers in userland NEVER work and will NEVER work. Quote Link to comment Share on other sites More sharing options...
operat0r_001 Posted February 19, 2010 Share Posted February 19, 2010 first off it needs to run as system ... so you would need to use something like " http://rmccurdy.com/scripts/procexp%20as%20system.exe or http://rmccurdy.com/scripts/RUNAS_SYSTEM.vbs ( xp ) I would startover and use something like getcountermeasure script and work backward to a .bat: http://www.google.com/search?q=metasploit++getcountermeasure http://rmccurdy.com/scripts/quickclean.txt ( some M$ batch foo ) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.