 |
|
|
Thread Tools | Display Modes |
|
#1
10-30-2009, 06:54 PM
|
|||
|
New feature added to the HoneyPot
Our HoneyPot was missing an important feature, given that many (if not most) malicious websites use*PHP to serve their payload.
Up until now, our HoneyPot was only looking for pure exploits in: - browser - flash - quicktime - java However, a large number of malware files is downloaded using PHP. Here is this new feature in action: Rogue installer: 2009.10.30 10:27:37 -08:00 Pacific Standard Time,"smarttestdrive.com/download.php","smarttestdrive.com/install.exe" Malicious PDF: 2009.10.30 10:31:40 -08:00 Pacific Standard Time,"erorr.net/pdf.php","erorr.net/asdfgh.pdf" This will come in handy for our upcoming URL clearing house   Jerome Segura 
|
||
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
