Mal-Sploit attax: (Attax-Suite v5.0) Note: Excuse spelling mistakes, in a rush... Malware style Metasploit attax: This attax is basically a Dropper to connect to the shellcode hosted remotely which will not flag by the hosting. It then reverse_https back over vpn to the attacker, upon connection it then auto uploads some files for a persistent backdoor with a fully undetectable setup and service then migrates into another process. This will survive reboot and keeps trying every 30 secs until connection is made over https and vpn. using no-ip keeps it in track with the refreshing of different ips. We then use microsofts Problem Steps Recorder on the target to spy on it and retrieve info and upload back to the attacker. We could use scraper, hashdump, camrecorder, etc but fancied a change. This is fully undetectable at "runtime and scantime" by top 44 AVs Almost a RAT in metaspliot's clothing. Can be used with a Java Dropper Vulns Page for deployment.. (ie) checks for version of java and runs the exploit against it. (java_pwn)???? Copyright DGConsultingUK 2012 www.dgpcrepairs.co.uk "Attax-Suite is not for sale and for use in a isolated & controlled environment" we are not responsible for misuse of this video
