CJ Chamberland - Page 2 of 2 - Web Security, Malware Research & Other Junk

Zopim.com compromised – using social engineering

Yes, folks – people still get social engineered. Below is a copy of the email we received on December 11, 2013: Your personal data may have been accessed What happened? A few hours ago, one of our support staff’s workstation was compromised through a social engineering attack. The...

Continue reading

December 11, 2013 cjchamber General Security No Comment

Sneaky code injection

Found this nugget the other day while cleaning out a wordpress site. It was put in a file called ‘widget-footer.php’ which was a part of their wordpress theme: So, you may be asking – what does it do? It checks to see if the user is logged in,...

Continue reading

December 10, 2013 cjchamber Malware Analysis No Comment

Decoding a Shell

Original filename: zt.php If you just executed the file, you simply see a password prompt – this indicates that it’s more than likely some type of php shell. To find out what it does, we have to de-obfuscate it.

Continue reading

December 4, 2013 cjchamber Malware Analysis No Comment

Workin on it!

Getting my site back up and running after a small hiatus.

Continue reading

December 4, 2013 cjchamber Random Crap No Comment

2 of 2« Previous 12

Latest

New SAST Tool – solaredappscreener

IRS & Equifax: A match made in heaven.

Online OSINT tools

CVE-2014-3117 OpenCart <= 4.3 Reflective XSS

formtoemail (free email form) – XSS

LinkedIn

Colette Chamberland

Latest Tweets

RT @opendotfilm: At WordCamp Europe, we asked our friend Milos Mihaljevic from ManageWP what "open" means. To Milos, open is about s… https://t.co/Hf9Qsqtcr7
June 26, 2019 5:24 pm
RT @mmaunder: I had a wonderful chat with Ryan Dewhurst AKA @ethicalhack3r at #WCEU yesterday about WPScan, a command line tool t… https://t.co/bTPwmWnZOD
June 21, 2019 10:50 am
RT @TheTweetOfGod: Life begins the moment you leave Alabama.
May 15, 2019 1:55 pm
RT @wordfence: Announcing 3 New Login Security Features including FREE Two Factor Authentication! #Security4All www.wordfence.com/blog/2019/05… via @wordfence
May 14, 2019 7:44 pm
RT @wordfence: Have a hacked website you've been putting off dealing with? Our security services are currently discounted by 30%.… https://t.co/evEQg0cSJY
May 9, 2019 8:21 pm

Additional Resources

Malwared Database
Kafeine - Malware Research
Malware analysis tool
Redleg's file viewer
PHP Decoder
Google Webmaster Forum
Base64 Decode/encode
My Pastebin
JavaScript Unpacker
Scurit HIPAA Specialists
My Github
Pen Test cheat Sheet

Sponsors

Visit the Kaspersky Lab US e-Store

Google Ads