katsumi's blog

ZLOB sexy codec & Co


I think you know, sexycodec and fake AVs were propagated using e.g.
blog spamming
search engines
fake porn sites
hacked bbs and blogs

In the 'hacked' case, they use obfuscated JavaScript to do a 'document.write'.
Both sexycodec and fakeAV use the same "obfuscating engine".
Play with their parameters and you are able to generate your "malware threat of the day"
by using their own CGI script.

will send something like this:

easy detection of honeytrap


If you're running honeytrap,
you should have a look at the way I try to detect it.
Again it's based on a NetCat dump and again it is a module for a simple rbot,
just to demonstrate how easy it is to find the honeys,
even if you are a noob.

Using it for illegal things is prohibited.

awaiting your comments

