Figured I’d keep a copy of this on here for the next time I need to do malware investigation.
- urlvoid.com – checks URLs against lots of blacklists, emergingthreats, malwaredomainlist and zeustracker/etc…
- ipvoid.com – Same as above but for IP addresses
- support.clean-mx.de – Searches above databases and records logs of abuse claims. Useful as it can sometimes give you extra URIs for a host to comb your logs for. Also usefully…
So I noticed whilst web app testing that I would receive a cookie with a value called bIPs: 709aed354747fda133a5da28dbed60e7 95eb48ad7eae5c0aa9766f0258ae8a35
Looks like it’s using a BIG-IP load balancer. I noticed it was MD5 and that was confirmed by finding the code that generates the hash (cheers, scriptmonkey).
I decided to use Hashcat to do the bruteforcing. First thing that came to mind was how to use a dictionary containing…