Re: malware analysis
- From: Dave <davidct1209@xxxxxxxxx>
- To: programmingblind@xxxxxxxxxxxxx
- Date: Sat, 3 Jul 2010 18:21:56 -0700
At initial read of your message, it sounds like a cross-site scripting
attack. I'm not sure of any browsers that render binary code within
script tags, so not sure what that is since usually xxs attacks inject
java script running in the user's security context.
On 7/3/10, Jackie McBride <abletec@xxxxxxxxx> wrote:
> Hay, yall:
>
> I was just thinkin (& that's always dangerous for me), but, now that
> I've come out of my lurking hole, perhaps I'll keep my head out just a
> bit longer & ask this. I hammered a virus off of a website the other
> day. For whatever reason, it got my curiosity up, & I was rather
> wondering exactly what its code does. So: any1 got any ideas of how to
> analyze that? It looked like a compiled script (at least there were
> <script> </script> tags, but between those tags was output that 1
> would associate w/a binary file.
>
> I sure would like to know precisely what it does. I'm also surprised
> that out of several A V apps I tested, the only 1 to pick it up was
> Avast. Still, I know it did not belong in that site, given the source
> of other pages that I saw on the same site that weren't infected.
>
> --
> Change the world--1 deed at a time
> Jackie McBride
> Scripting Classes: http://jawsscripting.lonsdalemedia.org
> homePage: www.abletec.serverheaven.net
> For technophobes: www.technophoeb.com
> __________
> View the list's information and change your settings at
> //www.freelists.org/list/programmingblind
>
>
__________
View the list's information and change your settings at
//www.freelists.org/list/programmingblind
Other related posts:
