exploit the possibilities
Showing 1 - 1 of 1 RSS Feed


Posted Sep 7, 2006
Authored by Craig Heffner | Site craigheffner.com

While there are some easy ways of changing the antivirus signature of a program (packers, encryptors, etc), they may not always be viable options for those wishing to bypass antivirus applications. This paper will show how to locate the signature used to identify Netcat, and modify it so that the executable no longer matches Symantec's AV signature, without interfering with any of the program's functionality. This is an exercise in identifying and modifying sections of code (aka, signatures) that are used by antivirus programs to identify malicious code; the tools and techniques used here can be applied to any program that is marked as malicious by AV applications.

tags | paper, virus
MD5 | 595c987f017f5351e9fbd2d609a5acc0
Page 1 of 1

Top Authors In Last 30 Days

packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By