Metasploit/EvasionOptions

From Wikibooks, open books for an open world
Jump to navigation Jump to search
Metasploit
FAQs

Abstract[edit | edit source]

This module explains how to use the evasion options found in the Metasploit Framework v3.x. It explains how each option works and gives examples of log files likely to be left by the options

Web[edit | edit source]

HTTP::chunked Enable chunking of HTTP responses via "Transfer-Encoding: chunked"

HTTP::compression Enable compression of HTTP responses via content encoding

HTTP::header_folding Enable folding of HTTP headers

HTTP::junk_headers Enable insertion of random junk HTTP headers

PHP::Encode Enable PHP code obfuscation

TCP::max_send_size Maximum tcp segment size

TCP::send_delay Delays inserted before every send

HTML::base64 Enable HTML obfuscation via an embeded base64 html object

HTML::javascript::escape Enable HTML obfuscation via HTML escaping

HTML::unicode Enable HTTP obfuscation via unicode

Windows[edit | edit source]

Other[edit | edit source]

DCERPC::fake_bind_multi (Distributed Computing Environment/Remote Procedure Call) Use multi-context bind calls

DCERPC::fake_bind_multi_append Set the number of UUIDs to append the target

DCERPC::fake_bind_multi_prepend Set the number of UUIDs to prepend before the target

DCERPC::max_frag_size Set the DCERPC packet fragmentation size

DCERPC::smb_pipeio Use a different delivery method for accessing named pipes