Using the killav.rb script to disable the antivirus programs

In the previous recipe, we focused on various techniques that can be implemented to bypass the client-side antivirus protection and open an active session. Well, the story doesn't end here. What if we want to download files from the target system, or install a keylogger, and so on? Such activities can raise an alarm in the antivirus. So, once we have gained an active session, our next target should be to kill the antivirus protection silently. This recipe is all about deactivating them. Killing antivirus is essential in order to keep our activities undetected on the target machine.

In this recipe, we will be using some of the Meterpreter scripts available to us during an active session. ...

Get Metasploit Penetration Testing Cookbook - Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.