r00t-3xp10it / venom

venom - C2 shellcode generator/compiler/handler

Macro Virus in Venom? #64

Closed Vedant-Bhalgama closed 4 years ago

Vedant-Bhalgama commented 4 years ago

Is there a macro virus in venom shell code generator or not?

Another thing I wanted to ask: can we compile a Python script to a PowerShell script (.ps1) or to a macro virus (.xml)?

r00t-3xp10it commented 4 years ago

Yes, there are some ... but they are being detected now by anti-virus solutions .. that's the reason why I have written the Amsi Evasion sub-menu (payloads that evade detection):

Python to PowerShell => I don't know any method to do that ..
Python to exe => pyinstaller.py
PowerShell to exe => https://gallery.technet.microsoft.com/scriptcenter/PS2EXE-GUI-Convert-e7cb69d5

Vedant-Bhalgama commented 4 years ago

As you know, you made a tool called backdoorppt. In that tool, does it open a ppt or not? Or is only the file extension spoofed?

r00t-3xp10it commented 4 years ago

backdoorppt

Description: Transform your payload.exe into one fake word doc (.ppt). Simple script that allows users to add an ms-word icon to one existing executable.exe (using resource-hacker as backend application) and a ruby one-liner command that will hide the .exe extension and add the word doc .ppt extension to the end of the file name.

Final notes: Target user thinks they are opening a word document file, but in fact they are executing one binary payload instead.


FakeImageExploiter

I believe you are looking for this, right? FakeImageExploiter - video - bat payload word.docx agent

Vedant-Bhalgama commented 4 years ago

OK, I will look into this.