ms11_xxx_ie_css_import – Windows 7 Session

After the first test of this exploit on my Windows XP Pro victim, I decided to try my hand at a Windows 7 victim.

So I fired up my fully patched Windows 7 Ultimate victim and browsed over to the exploit website and got……..blah no session.

Continue reading “ms11_xxx_ie_css_import – Windows 7 Session”

Anti Virus Evasion Techniques

Recently I’ve been playing around with various methods for evading Anti Virus, when deploying a payload to a victim, either through Metasploit or other means.

It seems the AV vendors are targeting the standard Metasploit methods of  encoding payloads, so we have to be a bit more devious to get the payload onto our victim.

What I’m not going to do tho is give you direct AV avoidance commands, I have not put any of these payloads through Virus Total – thats up to you, I’m just trying to show you how it is possible and you should experiment on your own systems and not someone else’s – after all it is illegal.

There are a few avenues I’m gonna explore in this post, from standard Metasploit encoding thro multi encoding payloads and IExpress.

Continue reading “Anti Virus Evasion Techniques”