Windows 11: Defender bypass with sandbox evasion

It looks like Windows Defender can be bypassed, allowing malware to evade the sandbox and access the operating system. A piece of information just came to my attention in which a security researcher outlines exactly this scenario for Windows 11. Here's what I've seen so far.


The following tweet from security researcher @an0n_r0 contains only a little information, but it allows various conclusions to be drawn.

Windows 11: Defender bypass

The security researcher chose Windows 11 to test the security of Windows Defender. The aim is to use a malicious function in a scanned program to break out of the sandbox that is supposed to isolate precisely this malicious code. The next step is to write the encrypted shellcode contained in the malicious code into memory. If this succeeds, a process must then be created in the suspended state, and the shellcode already present in memory must be copied into the allocated memory area.

Once these steps are accomplished, the process in question can be triggered remotely and the shellcode executed. The screenshots in the tweet above show that exactly these steps worked and that the shellcode was able to retrieve data from Windows and display it in an input window.
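From the defender's side, the write-into-memory and remote-execution steps described above leave a trace that endpoint telemetry can correlate. The following is an added example, not code from the post or from the researcher: it runs over constructed Sysmon-style records (Event ID 10 ProcessAccess with write rights, then Event ID 8 CreateRemoteThread from the same source into the same target) and flags the chain; the suspended-process creation itself is not visible in these two event types, so the check is built on the write-then-thread pair.

```python
# Added example (not from the post or the researcher): correlate Sysmon-style
# events for the shellcode-injection chain described above. Event 10
# (ProcessAccess) granting VM_WRITE + VM_OPERATION, followed by Event 8
# (CreateRemoteThread) from the same source PID into the same target PID, is the
# pattern a detection engineer hunts for. Records are constructed inline and
# simplified; field names follow Sysmon's ProcessAccess/CreateRemoteThread schema.
from collections import defaultdict

PROCESS_CREATE_THREAD = 0x0002
PROCESS_VM_OPERATION = 0x0008
PROCESS_VM_WRITE = 0x0020
INJECT_MASK = PROCESS_VM_WRITE | PROCESS_VM_OPERATION  # write + allocate/protect

# Constructed sample events (a real pipeline would parse Sysmon XML/EVTX).
SAMPLE_EVENTS = [
    {"EventID": 10, "SourceProcessId": 4120, "TargetProcessId": 5588,
     "SourceImage": r"C:\Users\lab\loader.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe",
     "GrantedAccess": 0x1FFFFF},                       # PROCESS_ALL_ACCESS
    {"EventID": 10, "SourceProcessId": 900, "TargetProcessId": 5588,
     "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe",
     "GrantedAccess": 0x1000},                         # QUERY_LIMITED_INFORMATION: benign
    {"EventID": 8, "SourceProcessId": 4120, "TargetProcessId": 5588,
     "SourceImage": r"C:\Users\lab\loader.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe",
     "StartAddress": "0x00000201A3B40000"},
]

def find_injection_chains(events):
    """Return (source_image, target_image, target_pid) for every source that
    first opened a target with write rights and later created a thread in it.
    Events are assumed to be in chronological order."""
    wrote = defaultdict(set)   # (src_pid, tgt_pid) -> evidence seen so far
    hits = []
    for ev in events:
        key = (ev["SourceProcessId"], ev["TargetProcessId"])
        if ev["EventID"] == 10 and ev["GrantedAccess"] & INJECT_MASK == INJECT_MASK:
            wrote[key].add("vm_write")
        elif ev["EventID"] == 8 and "vm_write" in wrote.get(key, ()):
            hits.append((ev["SourceImage"], ev["TargetImage"], ev["TargetProcessId"]))
    return hits

if __name__ == "__main__":
    for hit in find_injection_chains(SAMPLE_EVENTS):
        print("possible shellcode injection:", hit)
```

A thread creation with no preceding write-capable handle from the same source is not reported, which keeps the benign csrss.exe access out of the result.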

The Meterpreter approach

The security researcher does not provide details on how he managed these steps, but does drop the comment "it works with Meterpreter." Meterpreter is a payload for Metasploit attacks, according to this page, and provides an interactive shell. Through this shell, an attacker can explore the target computer and execute code. Meterpreter is deployed using in-memory DLL injection, and the malicious code resides entirely in memory. Nothing is written to the hard drive, i.e. it is fileless malware. In the original version no new processes are created either, as Meterpreter injects itself into the compromised process. From there, it can then migrate to other running processes. The forensic footprint of such an attack is very limited.


The same page also explains that Meterpreter is a dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. Meterpreter communicates over the stager socket and provides a comprehensive client-side Ruby API, with command history, tab completion, channels and more.

Meterpreter was originally written by skape for Metasploit 2.x; common extensions were merged for 3.x and are currently being refactored for Metasploit 3.3. The server part is implemented in plain C and is now compiled with MSVC, making it reasonably portable. The client can be written in any language, but Metasploit has a fully functional Ruby client API.

Metasploit is a computer security project that provides vulnerability information and can be used in penetration testing and IDS signature development. The best-known subproject is the free Metasploit Framework, a tool for developing and executing exploits against distributed targets. Other important subprojects include the shellcode archive and research in IT security.

Small C code loader

Apparently, the frameworks and tools included in this project are enough to implement the approach outlined above: breaking out of the Windows Defender sandbox and then looking around the operating system. However, security researcher @an0n_r0 has since come forward and writes that his motivation was a minimal bypass without any framework. The loader used was small and written in C. For obfuscation, simple RC4 encryption of the shellcode was implemented in the loader. The actual bypass relies on a basic username check: to prevent detection by Defender, the shellcode is not correctly RC4-decrypted unless the current username matches the target's.

Currently, no proof-of-concept code has been published – but the tweet shows that even a secured Windows 11 can probably be attacked via Defender using the simplest means. Another security researcher has announced that he is working on something similar and plans to publish details at the end of October 2021.
