Social Engineering Toolkit and Metasploit: Web cloning attack and uploading a backdoor

Creating a persistent backdoor Afterword Modern antivirus program is capable of detecting such backdoor and even prevent the download of the encoded payload into victim's machine; payload encoded by shikata ganai 4 times is not enough to evade most of the modern antivirus program. In the past I used to click and execute unknown java … Continue reading Social Engineering Toolkit and Metasploit: Web cloning attack and uploading a backdoor

Metasploit and Social Engineering Toolkit: Kill Antivirus (eg. AVG2012)

Metasploit is packaged with killav script, but this script only kills avgrsx.exe which will respawn after the process is terminated. AVG has a program known as watchdog: avgwdsvc.exe which ensures the terminated AVG process is respawned again; seriously this makes killing antivirus difficult. The AVG IDS agent program cannot be terminated by any privileges which … Continue reading Metasploit and Social Engineering Toolkit: Kill Antivirus (eg. AVG2012)

Metasploit and Social engineering toolkit: Bypass firewall and antivirus detection

Social engineering is a technique used to exploit human weakness as an attack vector. The ¬†way to prevent human weakness as an attack vector is through policy and you must practise what you preach, without adhering to policy you will be a victim of social engineering. Social engineering toolkit is a program by David Kennedy … Continue reading Metasploit and Social engineering toolkit: Bypass firewall and antivirus detection