Dailydave mailing list archives

Re: Blog spam, obfuscated javascript and more!

From: Petja van der Lek <lek () xs4all nl>
Date: Mon, 28 Jul 2008 17:22:13 +0200

A word of warning might be in order: the PDF is filled with hyperlinks 
to (presumably) live malware sites. Navigating the document is therefore 
not unlike playing Minesweeper. Red flags are not powerups but mean 
"danger". Mis-click to get pwned. Stuff like that. You might want to use 
a reader that at least asks for confirmation before it serves up the 
site in your browser (a quick test shows that Adobe Reader 7 as a 
Firefox plugin happily opens a link without asking anything, for instance).

That said, it's an excellent read!

Cheers,
Lek.

val smith wrote:

Don't know how many of you care about malware stuff but just in case,
we released a paper on OC:

http://www.offensivecomputing.net/papers/valsmith_colin_blog_spam.pdf

Its pretty rough and disorganized but covers some reversing, analyzing
obfuscated javascript, and the potential home IP of one of the
"attackers".

V.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Blog spam, obfuscated javascript and more! val smith (Jul 28)
- Re: Blog spam, obfuscated javascript and more! Petja van der Lek (Jul 28)
  - Re: Blog spam, obfuscated javascript and more! Dave Korn (Jul 28)
    - Re: Blog spam, obfuscated javascript and more! Petja van der Lek (Jul 28)
  - Re: Blog spam, obfuscated javascript and more! val smith (Jul 28)