bonucci Posted October 14, 2010

Hi guys, I have a question: nowadays, the scripts that are used, for example in the wiki about usbhacksaw, are easily detected by antivirus, aren't they?

digininja Posted October 14, 2010

Probably, but it isn't too hard to re-write them yourself so they aren't recognised. Most AV will do pattern matching for this kind of thing, so as long as you change things enough you'll go past them. You will also need to use newer versions of the tools as they will be detected now as well. The big problem is that U3 is now disabled by default so the attack will only work on older systems.

bonucci Posted October 14, 2010 (Edited October 14, 2010 by bonucci)

I made a basic keylog. The keylog is detected by only 3 antivirus, but it is interesting that when I upload it to the TotalVirus website, the next day more antivirus detect it. I bet that the website works with the companies. I'm new at programming C++, I'm still learning. I made it so that when the script executes, it produces an output .txt where it stores the typed keywords, but now I would like to make it so that, instead of storing the txt documents on the computer, it would send them to me by email. For example, at 1000 keywords typed the script would send them to my email. P.S. Sorry for my English...

digininja Posted October 14, 2010

The way VirusTotal works is to take all samples it receives, and any that are detected as a virus by one system get sent to all the rest. Basically, as soon as you send something to them you have probably about a week before most will have a signature for it. That version of the app is now burnt; make some changes and re-compile and you will have a second chance, as long as you manage to change enough parts so the signature is different.