Mal...where?

Fighting the Global War on Malicious Code

Silly Spammer...
Tuesday, April 03, 2007

Looks like someone needs to work on their l33t h4x0r skills...I received a spam e-mail to a class listserve with a link to a PNG file hosted at ImageShack. Assuming it to be malicious (as it probably is/was), I WGET'ed it, CURLed it, and did my best to try and get it, even Sandboxing my browser and just visiting the link with NoScript denying globally (yes, I was that frustrated). Then I looked at the link:

hxxp://[REMOVED]imageshack.us/my.php?image=w7xp5.png

The guy didn't send the web address -- he spammed the link from his own logged-in session on the site. Meaning, sans cookie or hidden fields in the site's HTML, there's no session data, nothing to point to his file uniquely, and just a redirect to the main page. Oops.

(And I was all excited to dissect some malware, too...)

- David

Labels: ,

posted by David @ 11:39 AM,

0 Comments:

Post a Comment

<< Home


Web This Blog

About me

    I'm David From Atlanta, Georgia, United States -- I'm a Computer Science undergrad at Emory University seeking to go into Network Security after grad school. More than that, I am a follower of Christ and a Christian, living the Journey and learning from others who are doing the same. My family and home rest in Fredericksburg, VA.
    My profile

Archives

Previous Posts

Helpful Sites

Favorite Forums

Favorite Blogs

Powered By

Powered by Blogger>