Bypassing ESET NOD32 Antivirus using Fileless
[QUOTE="Deleted member 65228, post: 693701"]
Not realistic in a normal environment most of the time because the network would already be compromised for this to work like that. And if your network is already compromised (Local Area Network - LAN) then it is already game over. -> time to reset your security for your network and check on your router.

[USER=63278]@daljeet[/USER] I don't even see how ESET was "bypassed" either. All I see is processes being spawned, which aren't actually doing anything to bypass the ESET HIPS. Unless I am blind...

Even if you get a program to run automatically via this Metasploit attack, it isn't like ESET isn't aware of the process spawn. If the process tries to do something monitored by the HIPS then it'll still be intervened.

You'll always find these sorts of videos. Just go on YouTube and look up "Black Cipher", you'll find a guy making a video about every single AV product you can think of. I think that they are just haters of AV vendors and they couldn't make anything better than the current vendors themselves even if they tried. The attacks aren't realistic and they are just over-exaggerated drama in my opinion. "security experts" who followed a tutorial on setting up Metasploit and their skill-set usually doesn't surpass through writing a simple batch or PowerShell script, likely have 0 clue how AV technology even works which is why they are spending their time making useless videos like that instead of working for a vendor or getting good pay at a security research company.

You'll also see people doing it to bash products they dislike and make the ones they personally use look really good. Not to mention that the ESET HIPS needs to be configured to be used to its full potential which proves the author of the video doesn't even understand how to use ESET properly in my opinion.

I suggest you just ignore rubbish like that and focus on what is actually happening in the real world (realistic and prevalent attacks). Proof-Of-Concept attacks only become an issue once they've been abused in genuinely dangerous malware and attacks like this where you are already compromised prior to what was done in the video is unrealistic and is already a game over scenario. There's 1000000 ways to do something.

[USER=32260]@Andy Ful[/USER] is a good member here with experience and he can use Metasploit and is really good with PowerShell. He also owns a really useful project and a few tutorials about malware reversing. But you don't see him making useless bypass videos like this... which speaks for itself :) :)
[/QUOTE]