0008312: Package may have a trojan: Trojan:PowerShell/Powersploit.L

ID	Project	Category	View Status	Date Submitted	Last Update

0008312	Kali Linux	Kali Package Bug	public	2023-05-16 22:26	2023-05-17 03:05

Reporter	shadowwraith	Assigned To	arnaudr
Priority	normal	Severity	block	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	2023.1

Summary	0008312: Package may have a trojan: Trojan:PowerShell/Powersploit.L
Description	path:\pool\main\p\powersploit\powersploit_3.0.0+git20200817.d943001-0kali1_all.deb This file appears to be infected with the Trojan:PowerShell/Powersploit.L
Steps To Reproduce	Use RUFUS.ie to create an image using the https://cdimage.kali.org/kali-weekly/kali-linux-2023-W20-installer-amd64.iso SHA256sum 99d4e533ca485f4d9052dc328154a5b458f239ca6ca2c90fbbf0eb22f1e48308 As Rufus creates the USB Defender detects presence of exploit.

arnaudr 2023-05-17 01:51 manager ~0017954	Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. So of course, Windwos Defender and stuff will find known malware/trojan/exploit/whatever in there. In Kali Linux, those are here for the purpose of studying it and working with it. In short: ignore the warning. We probably should document it better.

arnaudr 2023-05-17 03:05 manager ~0017955	I update the doc to mention that those warnings should be ignored

Date Modified	Username	Field	Change
2023-05-16 22:26	shadowwraith	New Issue
2023-05-17 01:51	arnaudr	Note Added: 0017954
2023-05-17 03:05	arnaudr	Note Added: 0017955
2023-05-17 03:05	arnaudr	Assigned To	=> arnaudr
2023-05-17 03:05	arnaudr	Status	new => closed
2023-05-17 03:05	arnaudr	Resolution	open => fixed