Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Js_dloadr.gq

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Js_dloadr.gq
# 1  
Old 07-26-2008
Js_dloadr.gq
This JavaScript may be hosted on a Web site and run when a user accesses the said Web site. Once a user visits the Web site hosting this malware, it downloads a file.

It takes advantage of the vulnerability in Microsoft Data Access Components (MDAC). That allows the scripts to download and execute malicious files.

More information of the said vulnerability is available in the following Web site:

Microsoft Security Bulletin MS06-014
It uses Microsoft.XMLHTTP object with CLSID BD96C556-65A3-11D0-983A-00C04FC29E36 and ADODB.Stream objects to download the file.

The Microsoft.XMLHTTP object is one of Microsoft's suite of XML DOM (Document Object Model) components that are initially designed to provide client-side access to XML documents on remote servers through the HTTP protocol. The said object is used to request or send any type of document.

The ADODB.Stream object is used to read, write, and manage a stream of binary data or text. Note that VBScript and JavaScript do not usually have capabilities to read and write files because they are programmed as safe client-side programming languages. To work with files, the use of a built-in or external ActiveX or COM object, such as Microsoft.XMLHTTP and ADODB.Stream objects, is required.



More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

web::simple::deployment

Web::Simple::Deployment(3pm)				User Contributed Perl Documentation			      Web::Simple::Deployment(3pm)

NAME

       Web::Simple::Deployment - various deployment options

DESCRIPTION

       This file documents common deployment methods for Web::Simple. If you feel one is missing, please ask in the IRC channel and we'll work
       with you to add it.

CGI

       The most basic deployment option is as a CGI script loading and running your Web::Simple-module:

	 #!/usr/bin/env perl

	 use Your::Web::Simple::App;
	 Your::Web::Simple::App->run_if_script;

       Save that as script.cgi and your web server will handle it correctly.

Plack-Server
       This works in with exactly the same code as CGI deployment. However instead of letting your web server load script.cgi, you run this on the
       command line:

	 plackup script.cgi

   Self-contained CGI
       Sometimes your app is so small that you have only one or two tiny classes that you want to run as a CGI script. Web::Simple offers a
       helpful mechanism to achieve that.

	 #!/usr/bin/env perl

	 use Web::Simple 'HelloWorld';	 # enables strictures and warnings for the file
					 # additionally, HelloWorld is upgraded to a
					 # Web::Simple application
	 {
	   package HelloWorld;

	   sub dispatch_request {
	     sub (GET) {
	       [
		 200,
		 [ 'Content-type', 'text/plain' ],
		 [ 'Hello world! It is a fine ' . HelloWorld::Helper->day ]
	       ]
	     },
	     sub () {
	       [ 405, [ 'Content-type', 'text/plain' ], [ 'Method not allowed' ] ]
	     }
	   }
	 }

	 {
	   package HelloWorld::Helper;

	   use DateTime;

	   sub day {
	     return DateTime->now->day_name;
	   }
	 }

	 HelloWorld->run_if_script;

AUTHORS

       See Web::Simple for authors.

COPYRIGHT AND LICENSE

       See Web::Simple for the copyright and license.

perl v5.14.2							    2012-05-07					      Web::Simple::Deployment(3pm)