Have fun planting virus signatures in strange places that touch remote disks somehow/somewhere.


Change your mail sig to:

Or send it in a browser var, as a password (quickly find the sites that don't encrypt passwords), send to open syslogs, etc.

The some AV actually delete/quarantine the file (weblogs, mailspool, {u,w}tmp etc.)!

What are your ideas?

Inspired by: sec.cs.tu-bs.de/pubs/2017-asia


@Dodge didn't you set your browser user-agent to the eicar string for a while? (re: @Mudge )

· · Web · 0 · 1 · 2

@emf @Mudge I don't recall doing that, but it's a good idea. Run a "host -t txt dmumford.com" though.

@Dodge Huh.. I thought it was you.. I know SOMEONE I know did that, and I'm pretty sure it was someone that worked at NFR.

Sign in to participate in the conversation

The original server operated by the Mastodon gGmbH non-profit