Python Ethical Hacking - TROJANS Analysis
Posted by 一蓑烟雨
BYPASSING ANTI-VIRUS PROGRAMS
AV programs detect viruses based on:
1. Code - compare files to huge databases of signatures.
-> Use your own code, obfuscation, useless operations, encoding, packing, etc.
2. Behaviour - run a file in a sandbox and analyze it.
-> Run trusted operations before evil code.
-> Delay execution of evil code.
Scan the file on the following website:
NoDistribute - Online Virus Scanner Without Result Distribution
Use UPX to pack the executable program.
Download the file from https://github.com/upx/upx/releases/download/v3.95/upx-3.95-amd64_linux.tar.xz
and extract it to the /opt folder.
Compress the evil file with UPX.
./upx /root/PycharmProjects/reverse_backdoor/dist/reverse_backdoor.exe -o compressed_backdoor.exe
Scan the compressed_backdoor.exe file; the result is a little better.
Make your file unique and delay execution of the evil code so that the AV program thinks your program is harmless.
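Seen from the scanner's side, the UPX step changes the file's section layout in a way that can be checked directly. The following Python sketch is an added example, not code from the original post: it parses a PE section table and reports traits a UPX-packed file typically shows (UPX0/UPX1 section names, an executable section with no bytes on disk, writable-and-executable sections). The function names and the two header-only sample files are constructed for illustration.

```python
import struct

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000   # IMAGE_SCN_MEM_* flags
SECTION = struct.Struct("<8sI4xI16xI")  # Name, VirtualSize, SizeOfRawData, Characteristics

def pe_sections(data):
    """Return (name, virtual_size, raw_size, flags) for each PE section."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off, = struct.unpack_from("<I", data, 0x3C)        # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0" or len(data) < pe_off + 24:
        raise ValueError("missing or truncated PE header")
    count, = struct.unpack_from("<H", data, pe_off + 6)    # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    table = pe_off + 24 + opt_size                         # first section header
    if table + SECTION.size * count > len(data):
        raise ValueError("truncated section table")
    offsets = range(table, table + SECTION.size * count, SECTION.size)
    rows = (SECTION.unpack_from(data, off) for off in offsets)
    return [(n.rstrip(b"\0").decode("latin-1"), vs, raw, fl) for n, vs, raw, fl in rows]

def packer_indicators(data):
    """List packing traits found in the section table (heuristic, not proof)."""
    findings = []
    for name, vsize, raw, flags in pe_sections(data):
        if name.upper().startswith("UPX"):
            findings.append((name, "UPX section name"))
        if raw == 0 and vsize > 0 and flags & MEM_EXECUTE:
            findings.append((name, "executable section with no data on disk"))
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            findings.append((name, "writable and executable"))
    return findings

def build_sample(sections):
    """Constructed test input: PE headers only, no code or data."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 0, 0x22)
    rows = [SECTION.pack(n.encode(), vs, rs, fl) for n, vs, rs, fl in sections]
    return dos + b"PE\0\0" + coff + b"".join(rows)

PACKED = build_sample([("UPX0", 0x8000, 0, 0xE0000080),
                       ("UPX1", 0x4000, 0x3E00, 0xE0000040),
                       (".rsrc", 0x1000, 0x800, 0xC0000040)])
PLAIN = build_sample([(".text", 0x5000, 0x4E00, 0x60000020),
                      (".data", 0x1000, 0x200, 0xC0000040)])

if __name__ == "__main__":
    print(packer_indicators(PACKED), packer_indicators(PLAIN))
```

The name match is the weakest of the three signals; treat any finding as a reason to inspect the file further, not as a verdict.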