Archive for April, 2011

Why Encoding Does not Matter and How Metasploit Generates EXE’s

Payload executables generated by msfencode are commonly detected by antivirus engines, depending which antivirus engine is used. A common misconception is that the antivirus engines are actually detecting the shellcode, and therefore, the best way to avoid antivirus detection is to pick an encoder that the antivirus engine cannot handle, or encode many times. After […]

, , , , , ,

13 Comments

Shells, terminals, and sudo mitm

In many situations, you can find yourself with a simple shell, able to read and write stdin/stdout, but some command that you are using requires a full terminal. Example: you got a netcat shell on a server or you’re writing a web application with popen() calls, etc. If you need to execute a command through […]

, , , ,

No Comments