Metasploit and Social Engineering Toolkit: Kill Antivirus (e.g. AVG2012)

Metasploit is packaged with a killav script, but this script only kills avgrsx.exe, which respawns after the process is terminated. AVG has a watchdog program, avgwdsvc.exe, which ensures that a terminated AVG process is respawned; this makes killing the antivirus difficult. The AVG IDS agent program cannot be terminated by any privileges which …

Metasploit: Post exploitation with meterpreter

Exploit and payload preparation. Start the exploit. Post exploitation: Understand the exploited environment. Whoami. What is the machine? Which process is meterpreter attached to? Post exploitation: Using scripts to enhance your findings. Is this a real machine or a virtual machine? What is the user doing now? Can I see it? A screenshot will pop up. …