Collaborate Disseminate
I’m looking at a potential phishing site and I see that some of the HTML is obfuscated. It’s not Base64. All the links look like this:
<link
href="6bkaQeQe69e/st-oU9kY4its4s5Zz2ykykffaNIgaVVtdtPSne0d3bxTbrLcyxygfAd0LXBQWdxowKsvc7G… Continue reading Obfuscated HTML [closed]
My website got hacked and the hacker snip this code in my index.php, i dont understand this, have try many tools online to de obsufuscated but not work at all
<?php
$O00OO0=urldecode("%6E1%7A%62%2F%6D%615%5C%76%740%6928%2D%70%78%7… Continue reading What does this malware PHP script do? [closed]
Today, I published the following diary on isc.sans.edu: “Deobfuscation of Malware Delivered Through a .bat File“: I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14f98a42c6c3dcb8505e4669c55762810e70) with the following name: “SRI DISTRITAL – DPTO DE COBRO -SRI
The post [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File appeared first on /dev/random.
Continue reading [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File
During my bug hunts, I have encountered many minified js files like this:
var r = n(3062);
function i(t) {
var e = (0,
r.Z)(t)
, n = e.overflow
, i = e.overflo… Continue reading How to analyse minified js code for XSS and other issues [closed]
Kaspersky research into dark web offers related to Android malware and its distribution via Google Play: hacked app developer accounts, malicious loaders, etc. Continue reading Overview of Google Play threats sold on the dark web
I’m trying out home automation using a Raspberry Pi Pico with Wifi. To connect to wifi I have to send SSID and password. Since the controller has no external interface other than the Wifi, how would most efficiently I protect the password?… Continue reading How to protect wifi credentials on RP Pico W? [migrated]
A friend found several suspicious PHP files on his server when we was upgrading his Wordpress install. They are all in the public_html folder and the filenames are the name of his domain with seemingly random digits next it.
I’ve "bea… Continue reading Found several potentially malicious PHP files but not sure what they are doing? [duplicate]
As I understand, code obfuscation is used to make reverse engineering difficult/hard for the adversaries/red team.
Now if I use a source code obfuscator where a .C/.CPP file is used as input and an obfuscated .C/.CPP file is generated, sho… Continue reading Code obfuscation and source code repositories
For an embedded IoT product running linux, digital signature validation of new firmware package is performed by a startup script file. For maintenance and troubleshooting purposes, the product does support a user account. As in the case of… Continue reading Obfuscation of scripts
How to obfuscate ssh connection using obfsproxy (obfs4proxy) ?
What is the configuration on Linux for obfs4proxy and openssh-server (ex. /etc/ssh/sshd_config) ? (server-side)
What is the configuration on Windows/Linux for obfs4proxy and po… Continue reading How to mask ssh using obfsproxy? [migrated]