As time went by, and Metasploit became the tool to use for exploitation, security vendors started to detect and stop exploits from running. As we have seen in the previous chapter, some did this by detecting the encoders used, others simply by detecting the default certificate used to encrypt the communication between the payloads and the listener. One approach to bypassing these solutions is to combine the use of custom encoders and trusted certificates.
Bypassing antivirus and IDS/IPS
How to do it...
In this recipe, we will combine several bypass techniques in order to successfully bypass antivirus and IDS/IPS solutions.
- First, we will create the payload using the bf_xor custom encoder used in the previous chapter...