Endless Paradigm / Computers & Tech / Crazy Computer / Test Your Anti

Post Reply 
Test Your Anti
Author Message
diego
poof

Posts: 7,826.1659
Threads: 264
Joined: 22nd Jun 2007
Reputation: 1.80067
E-Pigs: 37.4012
Offline
Post: #31
RE: Test Your Anti
ESET got it as soon as I saved it.
[Image: cce6aa9e-c40c-4ae7-aebe-d7780d6fc009.gif]
22/12/2009 08:29 PM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1294
Offline
Post: #32
RE: Test Your Anti
Any *good* AV app shouldn't be relying on instances of certain strings to be present >_>
22/12/2009 08:31 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Joom
WOOP
Worlds End

Posts: 4,206.7320
Threads: 417
Joined: 20th Mar 2009
Reputation: 5.41709
E-Pigs: 134.1772
Offline
Post: #33
RE: Test Your Anti
Is there any actual anti that does that?
[Image: ROVBdMh.png]
3DS Friend Code: 5000-6045-4964
28/12/2009 12:40 AM
Find all posts by this user Quote this message in a reply
Starfox444
Able One

Posts: 58.3312
Threads: 2
Joined: 12th Dec 2009
Reputation: 0.98386
E-Pigs: 1.5387
Offline
Post: #34
RE: Test Your Anti
ZiNgA BuRgA Wrote:Any *good* AV app shouldn't be relying on instances of certain strings to be present >_>

If they don't detect viruses based on their coding, how will they find them?
28/12/2009 08:43 AM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1294
Offline
Post: #35
RE: Test Your Anti
Am not sure.  But an ASCII printable string certainly should not be used to judge whether a virus is one or not.  At the very least, it should base judgements on binary strings.  I would say that hashing is perhaps more reliable.
Though I've never trusted AV anyway, since it's extremely easy to bypass.  With the above example, if that string really is what it looks for, simply changing it gets this "virus" past your AV.
28/12/2009 11:42 PM
Visit this user's website Find all posts by this user Quote this message in a reply
defdock
most hated user =(

Posts: 226.6330
Threads: 29
Joined: 25th Nov 2009
Reputation: 0.25681
E-Pigs: 367.9517
Offline
Post: #36
RE: Test Your Anti
ZiNgA BuRgA Wrote:Am not sure.  But an ASCII printable string certainly should not be used to judge whether a virus is one or not.  At the very least, it should base judgements on binary strings.  I would say that hashing is perhaps more reliable.
Though I've never trusted AV anyway, since it's extremely easy to bypass.  With the above example, if that string really is what it looks for, simply changing it gets this "virus" past your AV.

yeah i changed it and it was undetected. i changed "eicar" to frogg and it didnt pic it up.
[Image: SIGGY-1.gif]

2 psps

1 with 5.50 gen D2
1 with 5.00 m33-6 (also O button is gba button, and umd drive is gone.)

http://d3fd0ck.mybrute.com
28/12/2009 11:49 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 4 Guest(s)

 Quick Theme:


Privacy Policy | Endless Paradigm | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication