Author Archives: darryl

8×8 Script Leads to Infinity Drive-By

The “8×8” script I’m referring to includes a link that looks like this:

hxxp://www.example .com/JB3xd6iX.php?id=87342871

And can be detected using a regular expression that looks something like this:

/^.*\/[a-z0-9A-Z]{8}\.php\?id=\d{8}$/

One set of links redirects users to social engineering scams (e.g. …

Posted in Exploit Packs, Malscript

Wild Wild West – 04/2014

Sorry this is so late. Added the following packs:

- “Zuponcic”
- Infinity (aka “RedKit”, “GoonEK”)
- Ramayana (aka “DotkaChef”, “DotCacheF”)
- RSPandorasBox
- Top-Exp (aka “Magnitude”)

Posted in Exploit Packs

VBE Script Leads to Bank Fraud

I only stumbled on this in the middle so I don’t know how this is being targeted to users. Apparently this particular scam has been out there since at least August 2013 and it’s still up and running. This is …

Posted in Malscript

Scout — New Tool Released

Here’s another tool that you might find useful when analyzing potentially infected websites. Scout is Pinpoint on steroids. Scout uses the Pinpoint engine and includes a feature from Revelo that makes this more functional and…risky. Let me explain. Pinpoint downloads …

Posted in Tools

Converter Updated

The latest version includes several new features and bug fixes:

- Fixed Mixed Octal to Hex function to handle null char at the end
- Fixed and enhanced code related to keep/strip filtering functions
- Fixed unescape handling of null bytes
- Unescape File …

Posted in Tools