At a certain point as a Security Consultant / Ethical Hacker you may find that some other hackers are aiming at you and you domain.
Well it happend. They where able to place some files on the shared hosting environment of my Internet Site Hoster. I found out that files where placed as I recieved mails from SIDN that thier “Netcraft Takedown Service” had found infected files inside my .zefat.nl domain.
(my www.zefat.nl domain is located on other servers.)
OK… Domain down.. Darn..
Looking at the folder at my hosted site I see the files and copy the content to my system for future investigation.
Lets put the script to the test:
OK. Password. Lets try to decrypt the file.
The site: https://www.unphp.net/ did a neat job...Read More