
Bypassing KAV6 detection of cmd.exe input/output redirection in shellcode

November 2, 2013 ⁄ General
As I got from English words, you want to do reverse shell on a machine
with Kaspersky AV installed. Kaspersky installs kernel hooks on
NtCreateProcessEx and NtCreateProcess and detects redirected input/
output for the processes. Even using a socket instead of a pipe won't
help. You should implement a custom reverse shell that sends output to
a temp file and submits to the remote side or fix Kaspersky hooks ;)
