PaulDotCom mailing list archives
Re: Webshells Collection
From: Nathan Sweaney <nathan () sweaney com>
Date: Wed, 10 Jul 2013 11:54:45 -0500
Why not have python run a shell command and use the command line version of 7zip to actual zip the files with a password? On Sat, Jul 6, 2013 at 5:22 PM, Adrian Crenshaw <irongeek () irongeek com>wrote:
Thank. Don't think the Python library let's be make zips with a password, but I can pass protect the directory. Adrian On Jul 6, 2013 5:34 PM, "allison nixon" <elsakoo () gmail com> wrote:i suggest you password protect the malware. i've seen people abuse sites like yours by pointing RFI attacks at the malware locations so people are attacked and blame the site owner. a zip file with the password 'infected' is the industry standard. A On Thu, Jul 4, 2013 at 11:00 AM, Adrian Crenshaw <irongeek () irongeek com>wrote:I'm prepping to give my Webshells talk again at OISF and TakeDownCon Rocket City. I like to update things if I give a talk more than once, so I enhanced my script to save an archived copy of the webshells in a zip file so even if the infected host cleans it up (which they really should), it can be examined later. Let me know if I did this in an insecure way to save the files. http://www.irongeek.com/i.php?page=webshells-and-rfis One precaution I took was to limit the saving of webshells to about 1MB. I'm also hoping malware/search engines don't start listing me as hosting malware, which technically I am, but for teaching purposes. -- "The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham "The ability to Google can be a serviceable substitute for technical knowledge." ~ Adrian D. Crenshaw _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- _________________________________ Note to self: Pillage BEFORE burning. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Webshells Collection Adrian Crenshaw (Jul 04)
- Re: Webshells Collection allison nixon (Jul 06)
- Re: Webshells Collection Adrian Crenshaw (Jul 10)
- Re: Webshells Collection Tim Krabec (Jul 13)
- Re: Webshells Collection Nathan Sweaney (Jul 13)
- Re: Webshells Collection allison nixon (Jul 13)
- Re: Webshells Collection Adrian Crenshaw (Jul 10)
- Re: Webshells Collection allison nixon (Jul 06)