Dailydave mailing list archives
Re: Blog spam, obfuscated javascript and more!
From: Petja van der Lek <lek () xs4all nl>
Date: Mon, 28 Jul 2008 17:22:13 +0200
A word of warning might be in order: the PDF is filled with hyperlinks to (presumably) live malware sites. Navigating the document is therefore not unlike playing Minesweeper. Red flags are not powerups but mean "danger". Mis-click to get pwned. Stuff like that. You might want to use a reader that at least asks for confirmation before it serves up the site in your browser (a quick test shows that Adobe Reader 7 as a Firefox plugin happily opens a link without asking anything, for instance). That said, it's an excellent read! Cheers, Lek. val smith wrote:
Don't know how many of you care about malware stuff but just in case, we released a paper on OC: http://www.offensivecomputing.net/papers/valsmith_colin_blog_spam.pdf Its pretty rough and disorganized but covers some reversing, analyzing obfuscated javascript, and the potential home IP of one of the "attackers". V.
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Blog spam, obfuscated javascript and more! val smith (Jul 28)
- Re: Blog spam, obfuscated javascript and more! Petja van der Lek (Jul 28)
- Re: Blog spam, obfuscated javascript and more! Dave Korn (Jul 28)
- Re: Blog spam, obfuscated javascript and more! Petja van der Lek (Jul 28)
- Re: Blog spam, obfuscated javascript and more! val smith (Jul 28)
- Re: Blog spam, obfuscated javascript and more! Dave Korn (Jul 28)
- Re: Blog spam, obfuscated javascript and more! Petja van der Lek (Jul 28)