Slashdot has a discussion of the Rob Lemos article from Security Focus.
Chamuco did a bunch of work on improving the search interface. If you are logged into the site you can see MalSearch at the top right. You can now search on anything, not just md5sums.
The results include:
- md5, sha1, sha256 sums
- AV scan results
- Packer detection
- a copy of the sample
- a test version of the report
- PE header info
Good job chamuco!
Welcome to the Offensive Computing open malware research project. If you're reading this you may (or may not) be interested in researching malware. There are a few different ways that you can contribute. You can upload your malware samples, download the samples, or discuss them.
Well, several major milestones have been reached:
- We have passed over 1000 unique registered users.
- We are rapidly approaching 1 million hits.
- The automated malware analysis / classifier is up and running.
- People are contributing to the new database.
Several other exciting things are in the works and hopefully we will be able to announce them soon.
Let us know what you think, especially about the new autoanalysis tool.
I just want to take a minute to thank the OffensiveComputing staff, our users and contributors, and our affiliates (especially metasploit) for all the hard work and support.
Here at OC we've been toiling hard into the night to bring updated site features. Please bear with us as we make the final push on the site software. Updates and more content are forthcoming!
Offensive Computing has been acquired by a prominent Anti-Virus vendor for a sum close to 13 million dollars.
The vendor's name will be announced once all the legalities of the agreement have been completed. The vendor plans to convert the site into a vetted, yearly subscription service. The yearly subscription fee for access to the site and malware collection will be set at right around $20,000.
The current Offensive Computing team will become part of the AV company's research arm in a configuration similar to the l0pht/At Stake merger.
We just want to take this moment to thank all our supporters and members and encourage everyone to sign up for the new service once it comes online (assuming you pass the vetting process that is).
Does anyone have a sample which listens on a port for one reason or another? Doesn't matter if it's Windows or Linux. An example is Sasser, which listens on 5554 for ftp. (We already have that.)
Not looking for something that just opens a shell on a port like netcat (we have those), but maybe a worm that propagates somehow like that; say, using http or ftp, etc.
Email me (valsmith at metasploit dot com)
This is just a test - there is nothing more to see here.
It's not that I'm an uninteresting person, mind you. I just don't care about providing a level of entertainment for you, dear user. It's not that I don't like you, per se. It's just that I don't care.
BTW: You look great today. I've not seen a more attractive smile amongst the other humans.
So you might have noticed that OffensiveComputing was acting strangely, broken database, or generally down during the last 24 hours. Basically several things happened.
We use a vhost and it ran out of space (thanks for all the malware contributions!). A symptom of this is a database error. So I took steps to purchase more space, which got increased by our provider sometime during the night. When I booted up my brain this morning I saw that both Apache and the database daemons were not running for some reason, and so I started them both and we are back up.
This illustrates a couple of issues. Primarily that I am not a web person/sysadmin and I have no interest in being one. (I got over that when GeoCities was still cool :)