A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #15478  by hanan
 Sun Sep 02, 2012 9:01 am
Hello,

I am doing a pen-test and I would like my trojan test file to be as undetected as possible; I have thought of encoding it using msfencode.
I would like to know if that should be possible and, if so, how to do it, since I have found this post http://seclists.org/metasploit/2010/q1/317 on the Metasploit mailing list; it seems that it wasn't possible to do that using msfencode in 2010.

If I can't do that with msfencode, is there any other packer or binder that you would suggest?

Thanks.
 #15481  by EP_X0FF
 Sun Sep 02, 2012 9:43 am
I have no idea about msfencode, but a custom crypter can make any malware FUD. Write your own for tests; it's ridiculously easy. Make it a little smart and even reputation-based detections will fail. However, this forum is not dedicated to malware programming, including making malware for tests. Thread moved.
 #15517  by hanan
 Wed Sep 05, 2012 3:50 am
Flamef wrote: Hi, if you can use msfencode, you should implement the well-known "Shikata ga nai" payload; it's just perfect.
You can read more about it here; it is easy as hell nowadays to make your "project" FUD. It doesn't require any knowledge, literally.
http://www.offensive-security.com/metas ... rus_Bypass

After some research I have come to the conclusion that it is impossible to pipe an exe file to msfencode, and if I want reasonable results I should code my own.

Yes, that's what I would do. I have the programming knowledge, but some more research needs to be done to understand the PE file format.

Thanks.