November 27, 2022 at 10:32 PM
Hi everyone,
I hope this is the place to post a question about it. I couldn't find a better category but would be happy to delete and repost.
While discussing Meterpreter with a hacker friend, we disagreed about whether the original Meterpreter code is still a concern nowadays: it is familiar malicious code, and most services have technological controls (AV) that would block the file from reaching the target or even being uploaded to the server.
I have to check if it's true or not.
The original Meterpreter code using msfvenom can be disguised as a Trojan or steganography but shouldn't be encoded.
How to get a Meterpreter shell on the target?
- Drive-by download
- Link
- Gaining initial shell and upgrade
It can be hidden using
- Metadata
- binwalk
- Macro
Please help out.
Are there any other ways I should test? I would be very happy to cover as many options as possible.
If you can provide a tool with your recommendation, that will make me even more grateful.
Best day yo!
