Skip to content

EXXX EVASION | Metasploit Antivirus Evasion | Fully Undetectable Payloads

License

Notifications You must be signed in to change notification settings

priyansh-anand/exxx_evasion

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

EXXX EVASION v1.1!

DO NOT UPLOAD TO VIRUSTOTAL.COM INSTEAD USE NODISTRIBUTE.COM


 /$$$$$$$$ /$$   /$$ /$$   /$$ /$$   /$$       /$$$$$$$$ /$$    /$$  /$$$$$$   /$$$$$$  /$$$$$$  /$$$$$$  /$$   /$$
| $$_____/| $$  / $$| $$  / $$| $$  / $$      | $$_____/| $$   | $$ /$$__  $$ /$$__  $$|_  $$_/ /$$__  $$| $$$ | $$
| $$      |  $$/ $$/|  $$/ $$/|  $$/ $$/      | $$      | $$   | $$| $$  \ $$| $$  \__/  | $$  | $$  \ $$| $$$$| $$
| $$$$$    \  $$$$/  \  $$$$/  \  $$$$/       | $$$$$   |  $$ / $$/| $$$$$$$$|  $$$$$$   | $$  | $$  | $$| $$ $$ $$
| $$__/     >$$  $$   >$$  $$   >$$  $$       | $$__/    \  $$ $$/ | $$__  $$ \____  $$  | $$  | $$  | $$| $$  $$$$
| $$       /$$/\  $$ /$$/\  $$ /$$/\  $$      | $$        \  $$$/  | $$  | $$ /$$  \ $$  | $$  | $$  | $$| $$\  $$$
| $$$$$$$$| $$  \ $$| $$  \ $$| $$  \ $$      | $$$$$$$$   \  $/   | $$  | $$|  $$$$$$/ /$$$$$$|  $$$$$$/| $$ \  $$
|________/|__/  |__/|__/  |__/|__/  |__/      |________/    \_/    |__/  |__/ \______/ |______/ \______/ |__/  \__/
                                                                                                                   
                                                                                                                   
                                                                                                                   
            ##########################################################################################
            ######## WARNING : DO NOT TEST THIS EXECUTABLE ON ANY COMPUTER THAT YOU DON'T OWN ########
            ##########################################################################################

Generating fully undetectable meterpreter custom payloads using msfvenom and custom loader template. It bypasses the latest Windows Defender running on Windows 10 Pro 1903 ( Build 18363.693 ) with all updates available till 16th of March, 2020.

Author : Priyansh Anand

Requirements

  • Python 3
  • msfvenom
  • x86_64-w64-mingw32-g++ or g++ ( MinGW G++ Compiler for windows )
  • x86_64-w64-mingw32-windres or windres ( Component of with MinGW )
  • pip3 termcolor

Installation

Execute these commands on your terminal. If installation fails, try using sudo.

$ git clone https://github.com/priyansh-anand/exxx_evasion.git
$ cd exxx_evasion
$ chmod +x setup
$ ./setup
// Now you can delete this folder

Usage

$ exxx_evasion

It will show required info after every step

Features

There are 2 modules in this tool:

  • Undetectable Reverse Shell
    • Doesn't requires Admin Priviledges to run
    • Bypassess all antiviruses including Windows Defender
    • Just an undetectable meterpreter reverse_shell
    • Migrates automatically to explorer.exe just after running
    • Limitations : Triggers Windows Defender if 'getsystem' is executed using meterpreter, however the meterpreter session is not lost and the payload exe file is not detected
  • Persistent Advanced Reverse Shell
    • Requires Admin Priviledges to run
    • Bypassess all antiviruses including Windows Defender
    • Disables Windows Defender permanently using registry ( Can't be turned on without changing registry )
    • Adds all the disk and drives to Defender exclusion list
    • Runs the meterpreter shell as SYSTEM and add it to startup
    • Can execute your custom commands before launching payload ( see main.py )
    • All features and limitataion of the 1st module

TODO

  • Add support for embedding payloads in other exe
  • Add support for adding icons and digital certificates ( spoofed ) to payloads
  • Make all payloads persistent by default

License

MIT

Free Software, Hell Yeah!

Warning

This tool is for educational purposes only. I am not responsible if you do any illegal act using this tool. Use it wisely.

Contribution

If you want to add any new feature or fix any bug, I welcome you to do that. You can also request/suggest for more awesome features to be added in this tool