nmap_service.exe is now encoded locally by xor'ing each byte by 0xFF. It is decoded in line before it is uploaded. This is to prevent antivirus false positives from picking it up.

2025-12-21 23:19:03 +00:00 · 2010-01-23 16:56:49 +00:00
parent 49d8db7ba5
commit 13f8f95a5f
4 changed files with 42 additions and 2 deletions
--- a/nselib/data/psexec/encoder.c
+++ b/nselib/data/psexec/encoder.c
@@ -0,0 +1,30 @@
+/* encoder.c
+ * By Ron Bowes
+ * Created January 23, 2010
+ *
+ * This program encodes (or decodes) a .exe file (or any other kind of file)
+ * to be uploaded by smb-psexec.nse. This will prevent antivirus on the
+ * scanner from picking up the file, but not on the target. That's probably
+ * best. 
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+int main(int argc, char *argv[])
+{
+	int   ch;
+
+	/* Check the argument. */
+	if(argc != 1)
+	{
+		fprintf(stderr, "Usage: %s < infile > outfile\n", argv[0]);
+		return 1;
+	}
+
+	/* Retrieve + encode each character till we're done. */
+	while((ch = getchar()) != EOF)
+		printf("%c", ch ^ 0xFF);
+
+	return 0;
+}