lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: exibar at thelair.com (Exibar)
Subject: Encoding

um, you DO know that joke.scr is Bagle.AA virus right?  I know that you were
asking a question about encoding and not that you wanted to get to that file
specifically, but I figured I'd just throw in that JOKE.SCR is the bagle.aa
virus...just in case :-)

  Exibar

----- Original Message ----- 
From: "Maxime Ducharme" <mducharme@...ergeneration.com>
To: "Tyler, Grayling" <ggtyler@...dlion.com>;
<full-disclosure@...ts.netsys.com>
Sent: Friday, April 30, 2004 2:27 PM
Subject: Re: [Full-Disclosure] Encoding


Encoding
Hi,
    text/* encoding can be read in you mail program
or any text editor.

Base64 is used to encode binary data in string so it can
get trought normal SMTP servers.

To get the binary file back, you must decode it with a base64
algorithm which is well known.

You may get info on this encoding here :
http://www.ietf.org/rfc/rfc1341.txt
(section 5.2  Base64 Content-Transfer-Encoding)

Here is an already compiled tool :
http://www.fourmilab.ch/webtools/base64/
(this one runs *nix & windows)

Have a nice day

Maxime Ducharme
Programmeur / Sp?cialiste en s?curit? r?seau

----- Original Message ----- 
From: Tyler, Grayling
To: full-disclosure@...ts.netsys.com
Sent: Friday, April 30, 2004 1:35 PM
Subject: [Full-Disclosure] Encoding


At the risk of getting flamed (it will be worth it if I learn something
useful) I'd like to ask a question.
I've seen several cases where files have been sent to the list using
different encodings (examples below). How do you covert these back to the
original files (or can you?)
Thanks
<snip Examples>
This is a multi-part message in MIME format.
--Multipart_Thu__29_Apr_2004_20:59:33_+0000_08324880
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
----------ecnaowrkveaupymubjrq
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: 7bit
<html><body>
<br>
</body></html>
----------ecnaowrkveaupymubjrq
Content-Type: application/octet-stream; name="Joke.scr"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="Joke.scr"
TVoAAAEAAAACAAAA//8AAEAAAAAAAAAAQAAAAAAAAAC0TM0hAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAkAAAAKkm3RPtR7NA7UezQO1Hs0DtR7NA7kezQGNYoEBtR7NAEWehQOxHs0AqQbVA
7EezQFJpY2jtR7NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUEUAAEwBAwDMD5BAAAAAAAAA
.
.
many more lines of same
.
.
.
AADgAA8BCwEFDABQAAAAEAAAAJAAAPDiAAAAoAAAAPAAAAAAQAAAEAAAAAIAAAQAAAAAAAAA
BAAAAAAAAAAAAAEAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAA
kEw1CmBDYI4AF8SdSkyDJnqksmHAHk8NPooaF603JIi2SDa8FMRlOlq2AbtbElqqTJUFFmaX
DZ2kJ7wnUkc=
----------ecnaowrkveaupymubjrq-- 


--__--__-- 



This electronic message may contain confidential or privileged information
and is intended for the individual or entity named above.  If you are
not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information is prohibited.
If you have received this electronic transmission in error, please notify
the sender immediately by using the e-mail address or by telephone
(704-633-8250).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ