Windows 8 & Bit Defender 2013 Being Defeated By Metasploit

DrHaze
edited January 2013 in Antivirus

Metasploit.com and Doktor Cranium. Video showing defeat of Bitdefender 2013 and Windows 8




Very blurry but shows Bitdefender 2013 defeated.


Cleaned up copy here. VERY CLEAR copy below.. scroll down after clicking on link and click slow download


http://luckyshare.net/3418940662/Bitdefender 2013 64bit bypass and unload.wmv


Enjoy Clean Copy. They actually sell the Metasploit Pro kit.... it says testing tool but very abused..


:blink:

Comments

  • columbo
    edited January 2013

    Let me ask a few questions here, please, and help me to understand :)


    1) 20 seconds into the video, Doktor Cranium shows us Settings. Why is there only the General setting, where were the AV/Update/Privacy Control/ID Theft Protection settings? Is this a corrupted install, right from the beginning? What build# is it, and what has been patched, fixed and applied since Oct. of 2012?


    2) Why not use the Suite version, with its very capable Firewall?


    3) The software, Metasploit is obviously not considered malware by BD, and thus is user initiated without BD flagging it, by the user..user controlled and manipulated.


    4) Also, the Admin Commands entered, are user initiated, and not malware manipulated.


    So my question is, with the above questions, how much does the average user have to worry about if they're not manipulating and initiating a software from within the OS? This would have to be quite the malicious file download, as to be able to do what's shown in the video, and would BD recognize such a file and process?


    Thanks for your helpful insights, to give me better understanding :)

  • Is the issue reported in post# 1, along the same lines as this? http://forum.bitdefender.com/index.php?showtopic=37609

  • columbo
    edited January 2013
    ------


    What if the attacker finds a way to gain access on your remote application?


    Then you're right, that's what would have to happen in the scenario provided in this thread...and that is my question. Everything was user controlled and manipulated within the OS, by known good software (BD Whitelisted?), so hopefully BD would recognize a "brute force attack"..and if not, then, "it's the end of the world as we know it"...and the Mayans were right ^_^ (sorry, needed a little levity)


    I'm willing to learn, so please, with this above, and previous post reasoning, let me know my errors. Yes, and as we all know, NO AV software can be/is perfect.....but this BD, not too bad, even if it looks like I'm a fanboy :)

  • columbo
    edited January 2013

    And, I guess in thinking about it, even though it was user manipulated, by a known good software, shouldn't Bitdefender's self protect mode have flagged it (Bitdefender itself) as being manipulated, and/or disabled?

  • For those posting here, yes, do have issues, yet how many users are doing just fine? (as in my case) It is still a work in progress, getting some of these issues/glitches/bugs, whatever you want to call them, worked out, especially with a new OS in Windows 8, and with the new BD W8 security and getting them to work together. They may at times push a product out before its time, and we have to be the troubleshooters....unfortunately -_-

  • werby3
    edited January 2013

    Hello,


    I know a better and easier way to turn off BD. You can turn off all security functions from the main window or go to safe mode and stop all BD services... :D


    Now seriously. Do you believe that if a downloaded .exe or whatever file tries to do what "Metasploit" does (but silently), BD (or any other A/V) won't stop it? I cannot believe that.


    Keep in mind, nothing in the real world is unbeatable. Consider the CIA, FBI etc., which cannot 100% protect their systems even from 12-year-old hackers.


    Of course there will always be some ways to stop an A/V.


    I personally have seen my BD services stopped (in normal and not in safe mode) by a BDsupport person (remotely, in the good past days of BDsupport) which, as we know, is impossible for us.


    So, I think, what "Metasploit" can do is not a big deal.


    P.S.: Once again, it's the lack of BDsupport that makes users like BigProblem act like that and not BD products.


    Regards

  • ...I don't want to believe that...although it's possible.

  • He disabled Bitdefender AV 2013 installed on a Virtual Machine from the Real Environment. An improperly configured and low-featured product type (AV instead of IS) was used for testing. Let's see what the reply from technical support would be.