nerdexam
EC-Council

312-50V10 · Question #218

Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

The correct answer is A. msfencode. msfencode applies encoding schemes to Metasploit payloads to transform their byte patterns and evade antivirus signature detection.

Evading IDS, Firewalls, and Honeypots

Question

Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

Options

  • Amsfencode
  • Bmsfpayload
  • Cmsfcli
  • Dmsfd

How the community answered

(32 responses)
  • A
    94% (30)
  • B
    3% (1)
  • D
    3% (1)

Why each option

msfencode applies encoding schemes to Metasploit payloads to transform their byte patterns and evade antivirus signature detection.

AmsfencodeCorrect

msfencode applies encoding algorithms such as x86/shikata_ga_nai to shellcode generated by msfpayload, altering the payload's binary signature so it does not match known antivirus definitions. By chaining multiple encoding passes, penetration testers can further reduce the probability of AV detection while preserving the payload's functionality when executed.

Bmsfpayload

msfpayload generates raw shellcode and staged payloads but does not obfuscate or encode them; AV evasion through encoding requires the separate msfencode step.

Cmsfcli

msfcli is a command-line interface for launching and interacting with Metasploit modules and exploits, and provides no payload encoding or AV evasion capability.

Dmsfd

msfd is the Metasploit daemon that listens for remote client connections to the framework and plays no role in encoding payloads or bypassing antivirus systems.

Concept tested: Metasploit msfencode for antivirus signature evasion

Source: https://www.offensive-security.com/metasploit-unleashed/msfencoder/

Topics

#msfencode#antivirus evasion#payload encoding#Metasploit

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice