1.0 Introduction Software development in the security domains always involve converting from and to hex and binary format. For those new to certain languages, a high learning curve is involved and this translates to increasing the development cost. This article concentrates in using the ruby language to help new comers shorten the learning curve. To […]
ProFTPD 1.3.3c Compromise:Trojan Source Code
On Sunday, the 28th of November 2010 around 20:00 UTC the main distribution server of the ProFTPD project was compromised. The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server and used their privileges to replace the source files for ProFTPD 1.3.3c with a version which […]
IDA Pro: IDC Script for Decrypting VB Obfuscated Malware
I was playing with a piece of malware with Jun Yee and we came across an obfuscated string in the VB code. The malware itself was written in Microsoft Visual Basic 6. It has a feature that allows the malware to overwrite itself after execution just to make it a bit stealthier. Additionally, the virus […]