PaulDotCom mailing list archives
Re: Webshells Collection
From: Tim Krabec <tkrabec () gmail com>
Date: Wed, 10 Jul 2013 10:27:55 -0400
try this http://stackoverflow.com/questions/17250/create-an-encrypted-zip-file-in-python On Sat, Jul 6, 2013 at 6:22 PM, Adrian Crenshaw <irongeek () irongeek com>wrote:
Thank. Don't think the Python library let's be make zips with a password, but I can pass protect the directory. Adrian On Jul 6, 2013 5:34 PM, "allison nixon" <elsakoo () gmail com> wrote:i suggest you password protect the malware. i've seen people abuse sites like yours by pointing RFI attacks at the malware locations so people are attacked and blame the site owner. a zip file with the password 'infected' is the industry standard. A On Thu, Jul 4, 2013 at 11:00 AM, Adrian Crenshaw <irongeek () irongeek com>wrote:I'm prepping to give my Webshells talk again at OISF and TakeDownCon Rocket City. I like to update things if I give a talk more than once, so I enhanced my script to save an archived copy of the webshells in a zip file so even if the infected host cleans it up (which they really should), it can be examined later. Let me know if I did this in an insecure way to save the files. http://www.irongeek.com/i.php?page=webshells-and-rfis One precaution I took was to limit the saving of webshells to about 1MB. I'm also hoping malware/search engines don't start listing me as hosting malware, which technically I am, but for teaching purposes. -- "The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham "The ability to Google can be a serviceable substitute for technical knowledge." ~ Adrian D. Crenshaw _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- _________________________________ Note to self: Pillage BEFORE burning. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Tim Krabec Kracomp 772-597-2349 www.kracomp.com tkrabec.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Webshells Collection Adrian Crenshaw (Jul 04)
- Re: Webshells Collection allison nixon (Jul 06)
- Re: Webshells Collection Adrian Crenshaw (Jul 10)
- Re: Webshells Collection Tim Krabec (Jul 13)
- Re: Webshells Collection Nathan Sweaney (Jul 13)
- Re: Webshells Collection allison nixon (Jul 13)
- Re: Webshells Collection Adrian Crenshaw (Jul 10)
- Re: Webshells Collection allison nixon (Jul 06)