This is Rodel Mendrez's Typepad Profile.
Join Typepad and start following Rodel Mendrez's activity
Join Now!
Already a member? Sign In
Rodel Mendrez
Recent Activity
@David: I assumed that those repetitive string were whitespaces when decoded and those would be 0x00s. The repetitive string was 21 bytes long. The pattern is more obvious when viewing in text mode because part of the repetitive string contains 0x0D,0x0A (line termination). So i took that 21 bytes string starting with 0x0D,0x0A and xor it against PK.BIN starting at the offset where i took my XOR key. @jeremy.collake: thank you for that advice.
Toggle Commented Apr 26, 2012 on Pwning a Spammer's Keylogger at SpiderLabs Anterior
@Matthias Brugger i actually did. If you read the blog and noticed the Wireshark screenshot, that is how i intercepted the FTP credentials. My objective of decoding the configuration file (PK.BIN) is to retrieve the PK admin panel password and other useful details such as the license name.
Toggle Commented Apr 25, 2012 on Pwning a Spammer's Keylogger at SpiderLabs Anterior
Rodel Mendrez is now following The Typepad Team
Mar 21, 2012