Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[VulnWatch] Online Script Decoder

from [GreyMagic Security] Network Security [Permanent Link]
Subject: [VulnWatch] Online Script Decoder
Date: Tue, 7 Dec 2004 19:13:30 +0200 
Windows Script Encoder is a Microsoft tool to encode scripts so that "Web
hosts and Web clients cannot view or modify their source". It encodes the
content of script tags using a very simple encoding algorithm and renames
the scripts "language" attribute from "JScript" or "Javascript" to
"JScript.Encode" and from "VBScript" to "VBScript.Encode". 

The online script decoder decodes scripts that were encoded with the
Microsoft Script Encoder (screnc.exe) from
http://www.microsoft.com/downloads/details.aspx?familyid=E7877F67-C447-4873-
B1B0-21F0626A6329&displaylang=en. 

Recently, malicious attackers have started to use the Microsoft Script
Encoder in order to evade Anti-virus programs that rely on text-matching for
virus detection. Such encoded scripts also prevent advanced users from
immediately seeing that a script may be trying to exploit a vulnerability in
their browser. 

Use this online decoding tool to quickly and automatically reveal the actual
code of any encoded pages and scripts. You can paste an entire page
containing any number of encoded sections or simply provide an encoded page
URL.

http://www.greymagic.com/security/tools/decoder/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL, Nicolas Gregoire
Next by Date:  [VulnWatch] Re: Online Script Decoder, Steve Shockley
Previous by Thread:  [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL, Nicolas Gregoire
Next by Thread:  [VulnWatch] Re: Online Script Decoder, Steve Shockley
Indexes:  [Date] [Thread] [Top] [All Lists]