Author Topic: urlquery.net  (Read 37833 times)

0 Members and 1 Guest are viewing this topic.

June 28, 2011, 01:42:00 pm
Reply #15

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Ah, cheers :)

May be an idea to make that a little clearer, yes.
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

June 28, 2011, 02:11:29 pm
Reply #16

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
I would like to see a column "Host" in http request table. I don't like that I have to click on each request line to see the host.
You could make the "Reponse" column smaller, but add a host column.
Ruining the bad guy's day

June 28, 2011, 02:29:47 pm
Reply #17

tyriel

  • Jr. Member

  • Offline
  • **

  • 14
    • urlQuery
I would like to see a column "Host" in http request table. I don't like that I have to click on each request line to see the host.
You could make the "Reponse" column smaller, but add a host column.

I can add the "Host" row from the http request header to the default text before you expand it. Sounds ok?

June 28, 2011, 02:39:08 pm
Reply #18

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
I would like to see a column "Host" in http request table. I don't like that I have to click on each request line to see the host.
You could make the "Reponse" column smaller, but add a host column.

I'll can add the "Host" row from the http request header to the default text before you expand it. Sounds ok?

Sounds good.
Ruining the bad guy's day

September 08, 2011, 04:48:15 pm
Reply #19

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Let's start with reporting about missing detections.

Incognito exploit kit
example
Code: [Select]
buyaion.cu.cc/showthread.php?t=82651514
New Blackhole kit version
Code: [Select]
dreth543rwfdegrhjt.cz.cc/t/b56696ed19ad9fdfd35260d0a21bf00f
Ruining the bad guy's day

September 09, 2011, 07:00:50 am
Reply #20

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
No detection for exploits of CrimePack

Code: [Select]
greatyoutubevideos.info/nolock/index.php
vb6protected.com/nolock/index.php
Ruining the bad guy's day

September 12, 2011, 03:18:24 pm
Reply #21

tyriel

  • Jr. Member

  • Offline
  • **

  • 14
    • urlQuery
No detection for exploits of CrimePack

Code: [Select]
greatyoutubevideos.info/nolock/index.php
vb6protected.com/nolock/index.php


I'll have a closer look at those URL, not sure if they contain CrimePack tho, as one seems to use some Java code and the other seems to be dead at time of visit.

I'll update the BlackHole and Incognito signatures tonight with new patterns.


Thanks for feedback MDL! :)


September 13, 2011, 04:50:37 pm
Reply #22

tyriel

  • Jr. Member

  • Offline
  • **

  • 14
    • urlQuery
Let's start with reporting about missing detections.

Incognito exploit kit
example
Code: [Select]
buyaion.cu.cc/showthread.php?t=82651514


Anyone know what version of incognito this is?

I remember the old format from v2.0 was:

Code: [Select]
/in.php?a=QQkFBwQHBAEABQQMEkcJBQcEBwYABQcHDA==