App Review Full Bypass DDE Exploit COMODO AV-10.2.0.6526 DB-28788 (UNDETECTED!) - AV and HIPS ON Paranoid Mode

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

AtlBo

I better advise these users to test it for themselves rather than depending on videos alone. Sometimes it proves nothing to download samples and just double click, which means nothing to me. To really test the limit of an antivirus is to penetrate and go against the will of the antivirus in any WORST situation and configurations. I did that to my own antivirus and it failed miserably. Notified my AV vendor and they improved the detection. A few months later, tested again, found more loopholes.

Yes, this is my way to look at the programs too. I prefer to test their standard natural abilities to reliably respond to system changes and settings changes mostly (and otherwise system activity), but I do so with a focus on the efficacy of the alerts and schemes. Yet, I think I understand what you mean by this statement.

Seems noteworthy to me, though, in both cases to do protection testing, although I don't believe you are saying that standard detection/block testing is completely pointless. I can see the point for both, since they look at the potential for problems by looking at separate vectors for trouble.

I appreciate the information. Surprising to hear how a-vs were failing your inspections, and I hope you were somehow rewarded for your efforts. Definitely, the worst kind of malicious activity imo has somewhere in the attack chain an actual face in front of a keyboard poking for holes in the system.

I feel like there is much work to be done in the future to interconnect protections in security schemes with regards to the various vectors for attack, this to achieve comprehensive protection. Good luck with your testing, and I hope you continue looking for loopholes in security self-defense and that you are rewarded fairly along the way...
 

Deleted member 178

Anyway you can't evaluate a product weakness unless you set it to max security with custom settings, which isn't the case in this video; it was just the HIPS on paranoid, which is half the way only.
 

Emmanuellws

Ran the same test on a machine with only Windows Defender, and never would have thought MS Windows Defender AMSI caught it... OK, this is interesting. Never set anything EXTRA... does this make Windows Defender better than all AV because, like my AV, COMODO... all are unable to detect and bypassed? LOL
Screenshot from 2018-04-03 23-12-08.png
 

Emmanuellws

Anyway you can't evaluate a product weakness unless you set it to max security with custom settings, which isn't the case in this video; it was just the HIPS on paranoid, which is half the way only.
I would love to set it to the max, but please, COMODO users, try it yourself... I have no intention to redo the video. If I still do it, it would look like a personal attack if I managed to bypass it. If this attack won't bypass those ultra settings, another attack method will do. And come on... how would I know the ultra settings if I am not a regular COMODO AV user... can you tell me? Can anyone tell me? I would love to try to bypass it again if I really have the time to go through the pain again... and once I bypassed... please... I guess there would be other extra settings I need to go through... it will be never ending... LOL. In the end, I got nothing to lose here. It is up to COMODO AV users to notify COMODO or not and look into those areas. Since it is not my money buying service and subscriptions from them.
 

Deleted member 178

And come on...how would I know the ultra settings if I am not a regular COMODO AV user....can you tell me?
It is why unless you are a very knowledgeable user of the said product, don't waste your time to do bypass videos, you won't be taken seriously.
I saw many vids of guys claiming to bypass products and most don't have a clue of what they are doing or even understand how to use the tested product.

I don't say it is your case, but as you can see from the various reactions, the line is thin...
 

ZeroDay

It is why unless you are a very knowledgeable user of the said product, don't waste your time to do bypass videos, you won't be taken seriously.
I saw many vids of guys claiming to bypass products and most don't have a clue of what they are doing or even understand how to use the tested product.

I don't say it is your case, but as you can see from the various reactions, the line is thin...
I'm going to have to agree with Umbra here. Unless you have taken the time to learn all the features of a security software inside out you shouldn't be testing it.
 

Emmanuellws

It is why unless you are a very knowledgeable user of the said product, don't waste your time to do bypass videos, you won't be taken seriously.
I saw many vids of guys claiming to bypass products and most don't have a clue of what they are doing or even understand how to use the tested product.

I don't say it is your case, but as you can see from the various reactions, the line is thin...

I think you still don't get it, a COMODO user asked me to do a bypass test. You don't get me, do you? I hope you understand my simple statements here.
 

Emmanuellws

It is funny, you guys, so please, now I am so eager to test COMODO AV at the full ultra super duper settings. Really love to do it now. Screenshot it here... I will gladly try my best to bypass... be it deploy keylogger... steal info... bypass UAC... and deploy ransomware... I will try my best... I promise.
 

ZeroDay

I think you still don't get it, a COMODO user asked me to do a bypass test. You don't get me, do you? I hope you understand my simple statements here.
You should have simply taken time to learn how the product works before testing so you knew how to test it at max settings and you were familiar with the product you were testing.
 

ZeroDay

It is funny, you guys, so please, now I am so eager to test COMODO AV at the full ultra super duper settings. Really love to do it now. Screenshot it here... I will gladly try my best to bypass... be it deploy keylogger... steal info... bypass UAC... and deploy ransomware... I will try my best... I promise.
I can't wait to see this lol

I wish you well. I can see your intentions are good.
 

Emmanuellws

I can't wait to see this lol

I wish you well. I can see your intentions are good.
You better be, hahahaha... I don't know whether I am being sarcastic or not... if I can bypass Carbon Black Lockdown with PowerShell disabled... and SentinelOne's full threat and suspicious mode ON... why couldn't I bypass COMODO super duper ultra settings... and in the end... what do I get for that extra work? I don't earn any respect... not even bounty, hahah... someone please prepare me the money to do it... hahaha
 