mauri870 / powershell-reverse-http

:innocent: A Powershell exploit service that opens a reverse http connection via meterpreter
118 stars, 43 forks

AV detection by NOD32 #2

Closed ghost closed 3 years ago

ghost commented 8 years ago

hello brother, what is new in this update? and the memory scan of nod32 detects the meterpreter powershell operation !! do something please hh lol, and can you help me with how to use this tool in a real attack situation "social eng"? thanks a lot

mauri870 commented 8 years ago

Hi, can you please send some screenshots of the nod32 detection?

Perhaps using an https connection instead of http would make this more hidden :question: I created this exploit more as a PoC than a real world example. But I can improve its usability.

Golang is not designated for native background services, so building things like this is much more complicated than using other languages :disappointed:

ghost commented 8 years ago


this is the detection screenshot

mauri870 commented 8 years ago

I will try to update it to use https instead of http. Maybe with this approach the AV will not match the signature as a meterpreter connection (in theory).

ghost commented 8 years ago

ok keep up bro and thanks

vincentcox commented 4 years ago

Any plans to use https?

mauri870 commented 3 years ago

yeah, this was just a POC anyway, no problem that it's being detected

mauri870 commented 3 years ago

As you said, meterpreter style backdoors are pretty common and quite easy to detect.

I'm closing this for now, it's quite an old thread and most decent antiviruses should detect this.