PikaBot Malware Analysis: Debugging in Visual Studio
Ryan Chapman: / rj_chap
Free Cybersecurity Education and Ethical Hacking with John Hammond
Comments: 41
I now understand why people requested him. He's very easy to understand what goes on.😎
@rj_chap
3 months ago
Thanks much!
Loved every minute of this video. It's always fun to see what, how others work to de-obfuscate / reverse certain payloads. Hope to see similar videos in the future!
Can't agree more with Ryan for using Perl for one-liners!
Script exploits are exactly why I disable the Windows Script Host.
With most scripts I found the easiest way is to clean up the code a little bit and then replace evals with prints. Let the code decode itself for you!
@ihacksi
3 months ago
Genius! I do it in Powershell replacing IEXs.
@rj_chap
3 months ago
Yes! Solid method :).
@ApexJnr
3 months ago
This was what I did the first time
2 legends one episode ❤
Hello John, love your content and especially this kind of things. Keep it up❤❤❤❤
This was really great. Ryan (and John too) is awesome.
It's an awesome explanation, keep it up guys.🎉
Ryan!!! Love this guy
@rj_chap
3 months ago
Thank you!! 🎉
This dude's the real deal! A real friendly and approachable person makes learning easy
@rj_chap
3 months ago
Thanks! Very much appreciate it!
Lazy analyst approach to javascript malware -> replace eval with document.write and just run it.
Love You Everyone.
This pals from palword got malicious real quick with that AI.
Brutal ❤
Early crew. Shalom. 🤝🤓
Love this dude's positivity
@rj_chap
3 months ago
Ty!
This is badass!
Best hacker on KZread ❤❤
Does anyone have a link for Box PowerShell?
one point one million and rising well deserved
Why wouldn't you do something like:
1+1
> 2
a= "1+1"
> '1+1'
eval(a)
> 2
function eval(st) { console.log(st) }
> undefined
eval(a)
> 1+1
It will stop your code from working but you can get the scripts it actually tries to run and replace the obfuscated stuff
Edit 3.js and replace eval with console.log then run. No need for a debugger to Comcast strings!!!
@rj_chap
3 months ago
There could be hidden evals, which is why I like to debug each function return. In this case, that would work. But I don't like to rely on finding a single eval and only console logging it.
Remind me to add "cornucopia" to my vocabulary when describing cyber distros
This tool seems impressive
First!
Ryan is the pimp, love his trainings.
Qui is Latin for what, Pikachu what? Meme. Also did the dude seriously put the Divine Comedy in Latin as obfuscation?
Thanks Very helpful
jsnice
Like there's js-beautify there is uglify-js. Hehe
@rj_chap
3 months ago
I didn't know that! Ty!
@superJK92
3 months ago
Because of course there is