Home page logo

metasploit logo Metasploit mailing list archives

Re: Regarding HDM's blog about persistent HTTPS connections
From: HD Moore <hdm () metasploit com>
Date: Wed, 14 Apr 2010 11:29:54 -0500

On 4/14/2010 11:08 AM, Terrence wrote:
Why are you encoding into a vbs rather then an exe? What are the
benefits of a vbs for persistence?

VBS is easier to obfuscate and generally manipulate at runtime. Creating
another EXE would result in another catch-22 around AV signatures, so
using a VBS is generally easier. Long-term, a completely random EXE
generator would be a better solution.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]