Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking (http://www.go4expert.com/forums/ethical-hacking-forum/)
-   -   Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners (http://www.go4expert.com/forums/obfuscating-malware-signatures-t15802/)

fourthdimension 12Jan2009 23:42

Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
Hey All

My first post here. I thought you all might find this interesting. I was doing some malware research today and came across a tutorial about how to use a hex editor and file splitter to change the signature of a virus/trojan/etc to make it undetected by malware scanners. I never realized how simple it is to pass an existing virus by security software. Makes me glad I'm running Linux. lol I just found I can't post links, so if you query google for "how to make a virus undetectable hex editor", the tutorial I read will be the first result. Hope you all find it interesting.

neo_vi 13Jan2009 11:01

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
pretty interesting of course. there is an other way to make things undetectable. protecting the file with 'software passport'. But it needs a lot of work. But i found the above thing much easier. nice info.
I think even when protected, it will get caught when advanced heuristic scan is performed, or the when the file tries to open. Not sure.

hanleyhansen 27Jan2009 21:09

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
Looks like an interesting article. Unfortunately everything here in school is blocked lol but I'll check it out when I get home.

fourthdimension 27Jan2009 23:41

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
Quote:

Originally Posted by hanleyhansen (Post 42058)
Looks like an interesting article. Unfortunately everything here in school is blocked lol but I'll check it out when I get home.

Set up an ssh server on your home computer, install putty and firefox to your flash drive, then set firefox to tunnel through your ssh connection ;)

hanleyhansen 28Jan2009 02:37

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
I tried that with IE but editing proxy settings was disabled in the school network. Also I don't have administrative rights to install Firefox anyway. Btw if you can think of any more hacks or tricks I can try to get around the proxy please let me know. Me and my network admin play a game where I try to exploit or find a loop hole in security and then he patches it up but recently I've been quiet because I'm out of ideas.

fourthdimension 28Jan2009 03:28

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
I meant installing firefox to your thumb drive. Look into portable apps.

hanleyhansen 28Jan2009 21:46

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
Yea that worked thanks. Anymore ideas? How can I penetrate the network or something?

fourthdimension 28Jan2009 22:45

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
Sorry. I don't answer the "hack my school" questions. How to bypass excessive access restrictions? Sure, but not much beyond that. It's just too tough to verify that the people asking have the proper permission to hack the network.

hanleyhansen 29Jan2009 01:15

Re: Obfuscating Malware Signatures to Make Them Unrecognied by Malware Scanners
 
Lol. I understand.


All times are GMT +5.5. The time now is 17:23.