Comments on: Revealing Blackhat Web Shell Choices http://bechtsoudis.com/2012/03/28/revealing-blackhat-web-shell-choices/#utm_source=rss&utm_medium=rss&utm_campaign=revealing-blackhat-web-shell-choices Driven by Passion for Challenges Thu, 10 Apr 2014 08:41:30 +0000 hourly 1 http://wordpress.org/?v=3.9.2 By: anestisb http://bechtsoudis.com/2012/03/28/revealing-blackhat-web-shell-choices/#comment-188 Thu, 29 Mar 2012 18:29:42 +0000 http://bechtsoudis.com/?p=1278#comment-188 Appreciate the info as I wasn’t familiar with the “Web Malware Collection” project.

Any samples regarding relative bot actions are welcome. And of course you can send me a private email if data public disclosure is not the best option.

]]> By: infodox http://bechtsoudis.com/2012/03/28/revealing-blackhat-web-shell-choices/#comment-187 Wed, 28 Mar 2012 18:33:01 +0000 http://bechtsoudis.com/?p=1278#comment-187 Amazing analysis, and thank’s a million for the samples, which will be added to our “Web Malware Collection” within 24 hours.
You may find said collection here:
http://insecurety.net/projects/web-malware/

as for the scanning bots, I may have some samples of the IRC bot used in these attacks and will comment again if I find it. The obfustication methods used here seem to be gunzip and b64 mostly…

]]>