SCUF Gaming Magecart Loader
Just a quick post on a digital skimmer loader that is somewhat unique. The threat actor used a script tag with a base64 encoded payload.
In my last post, I highlighted a digital skimming loader that tried to pretend that it was Google Analytics. In this post, I’ll show a similar one, this time purporting to be Google Tag Manager. This is by the same …
A quick examination of a Magecart/Digital Skimmer loader. A loader is just JavaScript code that loads additional code. They’re designed to look innocuous, frequently mirroring common tools like Google Analytics. To start, here is the entire code: If you look …
Of the thousand or so people who took part in the 2016 NSA Codebreaker Challenge, only 15 solved Task 6. I wasn’t one of them, but I figured I’d write up what I found anyway. This will be two parts, because …
Task 5 was more complex than the previous tasks, especially since there was no clearly defined way to solve it. I spent more time than I’d like to admit going down a bottomless rabbit hole, before adjusting tactics and fairly …
The fourth task was probably the most straightforward to complete. Task 4 – Disarm Capability, Part 2 Perfect! Now that we have the key file we can work on a disarm capability. Several intelligence reports suggest that terrorists use a …
For Task 3 the server component (that the client from Task 2 would communicate with) is provided, along with an encrypted key. The goal of the task is to decrypt the key. Task 3 – Disarm Capability, Part 1 Thanks …
The second task contained some network traffic (in a pcap file) and a request to find the IP address of the undetonated IED by finding a string in the traffic. Task 2 – Information Gathering and Triage, Part 2 Great …
The first task was pretty straightforward. A client binary was provided, and some information about it was requested. Task 1 – Information Gathering and Triage, Part 1 A military organization captured a laptop of a known explosives expert within a …
2016 was the 4th year the NSA ran its Codebreaker Challenge. It’s targeted at US college students, but anyone with a .edu email address at their disposal can join in the fun. Each year they have a series of challenges …