Well, several major milestones have been reached:
- We have passed over 1000 unique registered users.
- We are rapidly approaching 1 million hits.
- The automated malware analysis / classifier is up and running
- People are contributing to the new database
Several other exciting things are in the works and hopefully we will be able to announce them soon.
Let us know what you think, especially about the new autoanalysis too.
I just want to take a minute to thank the OffensiveComputing staff, our users and contributors, our affiliates (especially Metasploit) for all the hard work and support.
Has anyone come across a sample of Trojan.Randsom.A ( http://www.symantec.com/avcenter/venc/data/trojan.randsom.a.html )? I have been looking for a copy and have been unsuccessful in my search.
Thanks for your help.
Hello folks, let me introduce myself.
I'm Nomenumbra, a random netizen with a great interest in computer security. My interests lie with the offensive side of computer security, including malware research.
Well, I recently remembered I'd signed up to this webpage, which is a great initiative which I, as a VX researcher, would like to contribute to.
I wrote a short series of VX reversing articles for you to enjoy (I hope :) ):
I've been running into many proverbial brick walls trying to track this down and I know it's public. I believe I used to have it but figuring out which hard drive it "might" have been on is a daunting task especially at the moment. I can only hook 2 HD's up to one pc at a time (of 2 pc's total at the moment) so it is a bit of a pain. I am not in the business of spreading viruses and not some script kiddie. I am 34yrs old not 14 okay. ;) I have read papers and descriptions on the pest and some of its variants. Some info was useful depending on technical level and depth of study but this is no substitute for the actual original source code or any variant's sources that may be public. A true understanding would only be best grasped by source code not a general idea of the routes and methods of infection and I seek a whole understanding and collect source codes. Please do not suggest a document on the subject (pdf, ppt, word doc or other) I probably have it already or could find it easily, but thanks. If someone has it I would appreciate a link or upload of attachment here or if for some reason, though doubtful, you are more inclined to want to use email then mine is:
Thanks very much to scarlett pimpernell
SymbOS.Commwarrior.C is a worm that replicates on Series 60 phones. It attempts to spread using Bluetooth, Multimedia Messaging Service (MMS), and Multimedia Cards (MMC) as a randomly named .sis file. It has been reported that one of the possible file names is SymCommander_1_06.sis.
I picked up this one from the email I received. It had a URL to a site hosting the .exe (postcard.jpg.exe) and I got a chance to download the malware.
- postcard.jpg.exe/data.rar/script.ini - infected
- postcard.jpg.exe/data.rar/svchost.exe - infected by Virus.Win32.Parite.b
- postcard.jpg.exe/data.rar/sup.reg - infected by Backdoor.IRC.Zapchast
Note: It's quite interesting to see that Kaspersky extracts other files in the *.exe.
Here at OC we've been toiling hard into the night to bring updated site features. Please bear with us as we make the final push on the site software. Updates and more content are forthcoming!
Anyone have any samples of this please?
Our friend lin0xx just sent us this cool new tool he made called sc_frmt.
It's basically a shellcode formatter written in Ruby so that you can take gdb output and have it formatted into various languages shellcode style.
Feedback goes to lin0xx [at] gmail.com
Check it out!