9 comments

[ 2.9 ms ] story [ 32.4 ms ] thread
Nice,but the hta payload in your screencap,i remember no av picking up my cactustorch payloads either.

Nextgen AV(like windows ATP) block your exploit when it tries to spawn a process like cmd.exe. Their starting to do ML on scripts too now.

Keep it up though,maybe the next APT breach will use your script :)

Shouldn't it be `A Bash&Python Script...`? I am finding the use of `An` there very jarring.
English isn’t the creator’s first language. Read the ReadMe. Your comment is completely irrelevant.
What do you mean it's irrelevant to politely correct language mistakes? Did you have a particularly irksome encounter with an English teacher lately?
It's been a while since I lived in windows-land, but .hta iirc uses a trust zone that can be locked down to disallow the functionalities that usually allow hta malware to gain a foothold.
Is this satire? Why does it say "FUD" in the readme?

Honestly kinda unsure.

Same here.. more LOC spent making silly menu than obfuscation (which does very little?). I’d be absolutely shocked if modern AV did not thwart this.
FUD means fully undetectable in script kiddie [1] lingo. Just go to BlackhatWorld and you will see all the Russian malware programmers advertising their "FUD trojan horse with undetectable stub"

[1]: script kiddies are people who can't program but who use hacker tools

Why is this on the front page? Metasploit's msfvenom and others are well ahead of this and it looks pretty cheap.

It's incredibly easy to bypass virus scanners, did it when I thought that building malware is a cool thing (it really isn't, although DLL injection, function trampolines and ROP chains are a nice way to spend some time). After building malware, creating APTs and others, I don't see the point in it anymore. There are so many ways to make money legally and in a way that's useful for society.

Let's build something great instead of cheap obfuscator scripts.

For anyone interested in learning the real stuff, this is a good start: https://www.corelan.be/index.php/2009/07/19/exploit-writing-... (it got harder in the last years - stack cookies, DEP, kernel ASLR, browser sandboxes ... make it very hard to build reliable exploits - today it's easier to just scam people, I miss the times of Flash usage).