
100% undetected rat






  21-Nov-2020 02:56:33



Hi, who can make me a 100% undetected RAT payload? I will pay, thanks.

DISCUSSION



21-Nov-2020 15:11:56

You can use this tool: https://github.com/Screetsec/TheFatRat, or you can change the file signature.




Reply


22-Nov-2020 01:41:52



Hi, I tried TheFatRat and it's being detected. How do I change the signature? I'm still quite a newbie; I've been doing it for the past 5 days, spending almost 17 hours a day on my laptop.


Reply


22-Nov-2020 02:05:01



Maybe the signature of the tool is already entered in the antivirus database. Therefore it is detected by the antivirus.


Reply


22-Nov-2020 02:14:45



https://reverseengineering.stackexchange.com/questions/16955/bypassing-av-signature-with-hex-editing 

I'm learning too, and I have a reference. You can change dynamic to static, and you can change the header, the metadata, or encode your code.


Reply


22-Nov-2020 02:15:27



So if you are talking about FUD, it can be done with various techniques: you can change the header, metadata, encode, etc. So why can it bypass AV? The way AV works in general, it will compare the file with its database, and with a certain level of similarity a file will be detected. So even though the mas, for example, is only for program A, but in it (can be a signature file, metadata or whatever) certain code in the AV db will also be detected by the mas program. In order to escape, then what? Yes, there are various techniques ...

Sorry bad English 😅


Reply


22-Nov-2020 02:23:38



"Mas" means "bro" 🙏🏻


Reply


22-Nov-2020 17:44:12



If you want to bypass AV, you can encode the program. If you want to be more powerful, you have to understand the ins and outs of the target OS, I assume Windows. If you understand the Windows Registry then you can make this malware powerful; for example, you can stop the task manager, hide file processes while running, and make the program difficult to remove.


Reply


23-Nov-2020 01:13:17



But how do I set up programs like this? I don't know how to hide a program's process when it is running.


Reply

I don't know, I'm a newbie.




Reply


23-Nov-2020 01:11:20



Same :D


Reply




21-Nov-2020 20:41:11

You can use an embedded PDF or DOC to hide the payload.

You should learn reverse engineering.




Reply


22-Nov-2020 01:43:43



Could you help me do it if I pay you for your time? Also, what books do you recommend for me to learn reverse engineering? I spend 17 hours a day on my laptop trying to figure it out, and I've only been trying it for the past 5 days.


Reply


22-Nov-2020 02:03:41



If you want e-books on reverse engineering, you can access them here: https://forum.seccodeid.com/d/reverse-engering-guides, with details and more.


Reply


22-Nov-2020 02:18:11



If it is explained, it's a bit long too, bro. Simply put, why the bs bypass AV file, which obviously AV has a limited database and logical, there can be a gap in a file through AV. Changes were clearly made to fool AV, and that is by nature using the exe file. But if at this time we can embed a certain exe / code file with any extension, which can be pdf, doc and anything. It's more difficult to detect AV, and you don't need to change the header of the file, etc ... because the existing files, we just need to inject them using the code.

Reply


22-Nov-2020 17:40:53



What does bs mean?

Reply


22-Nov-2020 17:47:20



I don't know, bro.


Reply


22-Nov-2020 21:28:42



bs in Indonesian: bisa

bs in English: can

Conclusion: bs means can, sorry hehe


Reply


22-Nov-2020 17:49:58



What techniques have you used? 


Reply




22-Nov-2020 02:20:08

Sorry, I'm bad at English 😅




Reply




22-Nov-2020 02:29:05

If you have tried changing the metadata, header signature then encodes it. Do not occasionally send or scan it on the VirusTotal site etc. But why? Because it will benefit them: your file will be analyzed and then detected by the AV. CMIIW




Reply


22-Nov-2020 17:48:14



Good idea 


Reply


23-Nov-2020 01:10:34



🔥🔥🔥


Reply




22-Nov-2020 17:45:01

What is your target OS?




Reply

You can hide it by wrapping your program in pdf, doc, etc.




Reply


27-Nov-2020 15:53:14



Or using BadUSB to inject the payload.


Reply

Idk 




Reply
