21 March 2012

Comments

Would it be possible to upload the Ruby script for the encryption/decryption to GitHub like you did with the previous scripts?

Thanks for the information. I never knew there was so much involved for network diagram or, as the French say, logiciel de diagramme réseau. I can't wait to come back and read the great information on this blog. I assume this is manual network diagramming? I was searching on the web to get a better understanding of this process and I came across a site that allowed you to diagram automatically with a program (http://www.whatsupgold.com/products/whatsup-gold-plugins/whatsconnected/). Ever heard of it? This fascinating field really piques my interest. Thanks for sharing this great post.

Correct on both points. We'll get those corrected ASAP. Thanks for the feedback!

-JG

Great walkthrough, esp. for us who rarely get to do this and are thus woefully rusty and never see the cool new tricks. Thanks very much.

Just thought I'd also mention a couple of what I think are typos.
1. "Finally, the malware takes the 0xA0 value and adds..." -- I believe it should be 0xF0.
2. "Finally, we take the rightmost 4 bytes and convert..." -- I believe it should be nibbles, or two bytes, or whatever you want to call it.

Thanks again
