All the backdoors are now getting detected by windows defender ? How to solve this issue ?

Question

All the backdoors are now getting detected by windows defender ? How to solve this issue ?

Opened this issue 7 years ago · 7 comments

Deleted user commented 7 years ago

Answer 1 · 2018-02-26T20:01:42.000Z

Just tested with ./build/build_win32_meterpreter_rev_https_50xshikata.sh and was not detected, windows 7.

Answer 2 · 2018-02-26T20:37:17.000Z

Tested the same template on W10 and DETECTED.

Answer 3 · 2018-02-27T16:17:49.000Z

./build/build_win32_meterpreter_rev_https_shikata_loadfile.sh
-> worked for me on Windows 10 with defender.

Answer 4 · 2018-02-27T20:07:38.000Z

You'r windows defender are update ?
Beacause for me ./build/build_win32_meterpreter_rev_https_shikata_loadfile.sh is detected.

Whatever, Can you send all commande what you does for the loadfile build ?

Thanks !!

Answer 5 · 2018-02-28T08:58:12.000Z

Of course defender is updated. I never had similar problems.
It is all in ./build/build_win32_meterpreter_rev_https_shikata_loadfile.sh, you only need to edit it with your correct ip.

Answer 6 · 2018-02-28T11:55:31.000Z

Hi,
Yes the ./build/build_win32_meterpreter_rev_https_shikata_loadfile.sh is not detected,
But it don't work.
he don't try to connect to the attack machine.

they is a difference between the code and the exemple at line 13
./make_avet -l thepayload.exe -E

Answer 7 · 2018-02-28T17:33:05.000Z

I will update the readme soon for the next version. The build script works for me. If a connection does not work it may have several reasons and unfortunetely I can not give support for everything.