
100% undetected rat


21-Nov-2020 02:56:33

Hi, who can make me a 100% undetected RAT payload? I will pay, thanks.

DISCUSSION
21-Nov-2020 15:11:56

You can use this tool: https://github.com/Screetsec/TheFatRat, or you can change the file signature.

Reply
22-Nov-2020 01:41:52

Hi, I tried TheFatRat and it's being detected. How do I change the signature? I'm still quite a newbie. I've been doing it for the past 5 days, spending almost 17 hours a day on my laptop.

Reply
22-Nov-2020 02:05:01

Maybe the signature of the tool is already entered in the antivirus database. Therefore it is detected by the antivirus.

Reply
22-Nov-2020 02:14:45

https://reverseengineering.stackexchange.com/questions/16955/bypassing-av-signature-with-hex-editing 

I'm learning too, and I have a reference. You can change dynamic to static, you can change the header, metadata, encode your code.

Reply
22-Nov-2020 02:15:27

So if you talk about FUD, it can be done with various techniques: you can change the header, metadata, encode, etc. So why can it bypass AV? The way AV works in general, it will compare the file with its database; with a certain level of similarity a file will be detected. So even though, mas, for example, it is only for program A, but in it (can be a signature file, metadata or whatever) certain code in the AV db will also be detected by the mas program. In order to escape then what? Yes, there are various techniques ...

Sorry bad English 😅

Reply
22-Nov-2020 02:23:38

Mas means bro 🙏🏻

Reply
22-Nov-2020 17:44:12

If you want to bypass AV, you can encode the program. If you want to be more powerful, you have to understand the ins and outs of the target OS, I assume Windows. If you understand the Windows Registry then you can make this malware powerful; for example, you can stop the task manager, hide file processes while running, make the program difficult to remove.

Reply
23-Nov-2020 01:13:17

But how do I set up programs like this? I don't know how to hide a program's process when it's running.

Reply

21-Nov-2020 15:32:56

I don't know, I'm a newbie.

Reply
23-Nov-2020 01:11:20

Same :D

Reply

21-Nov-2020 20:41:11

You can use an embedded PDF or DOC to hide the payload.

You should learn reverse engineering.

Reply
22-Nov-2020 01:43:43

Could you help me do it if I pay you for your time? Also, what books do you recommend for me to learn reverse engineering? I spend 17 hours a day on my laptop trying to figure it out and I've only been trying it for the past 5 days.

Reply
22-Nov-2020 02:03:41

If you want e-books on reverse engineering, you can access them here: https://forum.seccodeid.com/d/reverse-engering-guides, details and more.

Reply
22-Nov-2020 02:18:11

If it is explained it's a bit long too, bro. Simply put, why the file bs bypass AV: obviously AV has a limited database and logic, so there can be a gap for a file to get through AV. Changes were clearly made to fool AV, and that is by nature using the exe file. But if at this time we can embed a certain exe / code file with any extension, which can be pdf, doc and anything, it's more difficult for AV to detect, and you don't need to change the header of the file, etc ... because with the existing files, we just need to inject them using the code.

Reply
22-Nov-2020 17:40:53

What does bs mean?

Reply
22-Nov-2020 17:47:20

I don't know, bro.

Reply
22-Nov-2020 21:28:42

bs in Indonesian: bisa

bs in English: can

Conclusion: bs means can, sorry hehe

Reply
22-Nov-2020 17:49:58

What techniques have you used? 

Reply

22-Nov-2020 02:20:08

Sorry, I'm bad at English 😅

Reply

22-Nov-2020 02:29:05

If you have tried changing the metadata and header signature and then encoding it, do not ever send or scan it on the VirusTotal site, etc. But why? Because it will benefit them: your file will be analyzed and then detected by the AV. CMIIW.

Reply
22-Nov-2020 17:48:14

Good idea 

Reply
23-Nov-2020 01:10:34

🔥🔥🔥

Reply

22-Nov-2020 17:45:01

What is your target OS?

Reply

22-Nov-2020 17:47:00

You can hide it by wrapping your program in a PDF, DOC, etc.

Reply
27-Nov-2020 15:53:14

Or use a BadUSB to inject the payload.

Reply
