Collaborate Disseminate
My friend asked me why his website seems weird on Google and why meta title seems to be “トリプルフローアイロン”.
After checking request logs on his hosting panel and checking files on FTP, it’s clear that the website was hacked by someone who wants … Continue reading Decrypting hacked wordpress files
Our system produces preview images of A4 documents, which contain sensitive data (email, phone numbers, social networks and adresses) of our users. We would like to save those preview images in our cloud, to later present them to the corre… Continue reading Extraction of sensitive data out of down- scaled images
These days, most websites minify & concatenate their code.
Are there techniques to identify open-source libraries within minified, concatenated code?
I’m mostly interested so I can focus analysis on non-library code, but also to spot o… Continue reading How can I identify open-source JavaScript libraries within minified code?
Its a 3.37MB batch file. When opened in Notepad/++ it’s all Chinese and some unknown characters. It’s still remaining largely undetectable despite being launched in the wild more than 2 days ago, specifically against financial institutions… Continue reading Can anyone decipher this .BAT malware? [closed]
I’m looking at a potential phishing site and I see that some of the HTML is obfuscated. It’s not Base64. All the links look like this:
<link
href="6bkaQeQe69e/st-oU9kY4its4s5Zz2ykykffaNIgaVVtdtPSne0d3bxTbrLcyxygfAd0LXBQWdxowKsvc7G… Continue reading Obfuscated HTML [closed]
My website got hacked and the hacker snip this code in my index.php, i dont understand this, have try many tools online to de obsufuscated but not work at all
<?php
$O00OO0=urldecode("%6E1%7A%62%2F%6D%615%5C%76%740%6928%2D%70%78%7… Continue reading What does this malware PHP script do? [closed]
Today, I published the following diary on isc.sans.edu: “Deobfuscation of Malware Delivered Through a .bat File“: I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14f98a42c6c3dcb8505e4669c55762810e70) with the following name: “SRI DISTRITAL – DPTO DE COBRO -SRI
The post [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File appeared first on /dev/random.
Continue reading [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File
During my bug hunts, I have encountered many minified js files like this:
var r = n(3062);
function i(t) {
var e = (0,
r.Z)(t)
, n = e.overflow
, i = e.overflo… Continue reading How to analyse minified js code for XSS and other issues [closed]
Kaspersky research into dark web offers related to Android malware and its distribution via Google Play: hacked app developer accounts, malicious loaders, etc. Continue reading Overview of Google Play threats sold on the dark web
I’m trying out home automation using a Raspberry Pi Pico with Wifi. To connect to wifi I have to send SSID and password. Since the controller has no external interface other than the Wifi, how would most efficiently I protect the password?… Continue reading How to protect wifi credentials on RP Pico W? [migrated]