App Review Hiding malicious scripts/codes using MS-DOS - DOSfuscation

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
HackExplorer

HackExplorer

New Member
Thread author
Mar 27, 2019
4
20
5
Sri Lanka
Content source
https://youtu.be/ptsF2PvD4vY
Watch Here:



I created a video showing how to de-obfuscate a DOSfuscated PowerShell command obtained from an infected Word Document. Here you will learn some simple tricks used to obfuscate commands using CMD, and De Obfuscate an advanced dosfuscation scenario. I will be using Cyberchef to perform all the decoding and String operations.
 

Attachments

  • De-Dosfuscation.png
    De-Dosfuscation.png
    347.7 KB · Views: 330
  • Like
Reactions: Deletedmessiah, Andy Ful, harlan4096 and 1 other person
The white paper:

CyberChef - The Cyber Swiss Army Knife GitHub webpage
github.com

GitHub - gchq/CyberChef: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - gchq/CyberChef
github.com github.com

The working tools online:

CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
gchq.github.io gchq.github.io
"CyberChef is still under active development. As a result, it shouldn't be considered a finished product. There is still testing and bug fixing to do, new features to be added and additional documentation to write. Please contribute!"
 
Last edited:
  • Like
Reactions: harlan4096 and Deletedmessiah

You may also like...