Posted: October 23rd, 2009 | Author: xanda | Filed under: IT Related | Tags: canadian pharmacy, spam, viagra | No Comments »
McAfee Lab Blog in their latest entry said that they saw Balloon Boy spam and what I saw is NOTHING.. 😛
Anyway, both the Balloon Boy spam and NOTHING lead to the same fake “Canadian” pharmacy sites

Posted: October 20th, 2009 | Author: xanda | Filed under: IT Related | Tags: email, honeynet, malware, spam, ssl, zbot | 2 Comments »

Here is my short writeup on the latest ZBot malware..
Nothing much about the malware itself, but a nice trick in the way it spreads
Link: Honeynet Blog
Posted: October 13th, 2009 | Author: xanda | Filed under: IT Related | Tags: convert, ow.ly bit.ly, ruby, shorten url, tinyurl | 4 Comments »
You might worry about visiting a shortened URL directly, because who knows, it may lead to some malicious script/code
I’ve found a solution, “Python: Convert those TinyURL (bit.ly, tinyurl, ow.ly) to full URLS” on stackoverflow.com, but the code is in Python.
Here is how you can perform the conversion in Ruby:
#!/usr/bin/ruby
require 'net/http'
require 'uri'

# Ask the shortener where a short link points without following it:
# one GET, and only the Location header of the redirect response is read.
def ConvertToFull(tinyurl)
  url = URI.parse(tinyurl)
  # request_uri keeps any query string; an empty path still needs '/'
  path = url.request_uri.to_s.empty? ? '/' : url.request_uri
  req = Net::HTTP::Get.new(path)
  res = Net::HTTP.start(url.host, url.port, :use_ssl => url.scheme == 'https') { |http| http.request(req) }
  res['location'] # nil when the response is not a redirect
end
puts ConvertToFull('http://bit.ly/rgCbf') #here is how you can call the function. Thank you Captain Obvious!
**UPDATED on 19/10/2009**
I’ve worked on a more complete version which can tell a shortened URL from a full URL and return the full URL for the shortened one.. email me for the code 😉
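As an added example (my code, not the post's snippet and not the updated version xanda mentions), here is a resolver that does what the post describes but for the whole chain: it classifies a URL as shortened or full, then follows redirects hop by hop with HEAD requests only, so no page body is fetched and nothing is rendered, and it stops on redirect loops, overly long chains, and non-HTTP schemes. The shortener host list, the MAX_HOPS value, and the DEMO_RESPONSES chain are my assumptions and constructed data; the fetcher is injectable so the logic can be exercised offline.

```ruby
#!/usr/bin/ruby
require 'net/http'
require 'uri'

# Hosts commonly used for shortened URLs. Assumption: an illustrative list,
# extend it to whatever shorteners you see in your mail.
SHORTENER_HOSTS = %w[bit.ly tinyurl.com ow.ly is.gd t.co goo.gl].freeze

# Stop after this many redirects; guards against loops and endless
# shortener-to-shortener chains.
MAX_HOPS = 10

# True when the URL's host is a known shortener.
def shortened?(url)
  host = URI.parse(url).host.to_s.downcase
  SHORTENER_HOSTS.include?(host)
rescue URI::InvalidURIError
  false
end

# Real fetcher: one HEAD request per hop. No body is downloaded and nothing
# is rendered, so a malicious landing page is never executed locally.
# Returns [status_code, location_header_or_nil].
def head_request(url)
  uri = URI.parse(url)
  Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
    path = uri.request_uri.to_s.empty? ? '/' : uri.request_uri
    res = http.head(path)
    [res.code.to_i, res['location']]
  end
end

# Follow the redirect chain starting at +url+. Returns a Hash with
#   :final  => last URL reached,
#   :chain  => every URL seen, in order,
#   :status => :resolved, :loop, :too_many_hops or :unsupported_scheme.
# +fetcher+ is any callable returning [code, location], so the logic can be
# run offline against constructed data (see DEMO_FETCHER below).
def expand_url(url, fetcher = method(:head_request))
  chain = [url]
  seen = { url => true }
  current = url
  MAX_HOPS.times do
    scheme = URI.parse(current).scheme
    unless %w[http https].include?(scheme)
      return { :final => current, :chain => chain, :status => :unsupported_scheme }
    end
    code, location = fetcher.call(current)
    # Anything other than a 3xx carrying a Location header ends the chain.
    unless (300..399).cover?(code) && location
      return { :final => current, :chain => chain, :status => :resolved }
    end
    # Location may be relative; resolve it against the URL that sent it.
    next_url = URI.join(current, location).to_s
    if seen[next_url]
      return { :final => next_url, :chain => chain + [next_url], :status => :loop }
    end
    seen[next_url] = true
    chain << next_url
    current = next_url
  end
  { :final => current, :chain => chain, :status => :too_many_hops }
end

# Constructed sample chain (made-up links, not real bit.ly/ow.ly data) so the
# script runs without network access.
DEMO_RESPONSES = {
  'http://bit.ly/abc'               => [301, 'http://ow.ly/xyz'],
  'http://ow.ly/xyz'                => [302, 'https://example.com/landing?x=1'],
  'https://example.com/landing?x=1' => [200, nil],
  'http://bit.ly/loop1'             => [301, 'http://bit.ly/loop2'],
  'http://bit.ly/loop2'             => [301, 'http://bit.ly/loop1'],
  'http://bit.ly/rel'               => [301, '/moved'],
}.freeze
DEMO_FETCHER = lambda { |u| DEMO_RESPONSES.fetch(u) { [200, nil] } }

if __FILE__ == $0
  # With an argument the real HEAD fetcher is used; without one, the demo data.
  url = ARGV[0] || 'http://bit.ly/abc'
  result = ARGV[0] ? expand_url(url) : expand_url(url, DEMO_FETCHER)
  kind = shortened?(url) ? 'shortened' : 'full'
  puts "#{kind} URL #{url} -> #{result[:final]} (#{result[:status]}, #{result[:chain].size - 1} hops)"
end
```

Run it as `ruby expand.rb http://bit.ly/rgCbf` to resolve a real link, or with no argument to walk the constructed demo chain. The chain matters more than the final URL: a short link that bounces through two or three other shorteners before landing is itself a signal worth logging, and the HEAD-only design means the check never executes whatever is waiting at the end.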
Posted: October 9th, 2009 | Author: xanda | Filed under: IT Related | Tags: 2009, crayon, ctf, d3ck4, hitb, hitbsecconf | No Comments »

First of all, congrats to d3ck4, crayon and the team..
Hurm.. HITBSecConf 2009.. Personally, nothing much.. I was disappointed with Mark Dowd’s and Saumil’s presentations (yeah.. maybe I’m expecting too much) but somehow Wes Brown, METASM and Google’s guy fixed my day..
Enjoyed spending some time outside of the office, meeting people (and old friends), and (_NOT_ really) learning new stuff..
Anyway.. that’s what happened..
Posted: October 9th, 2009 | Author: xanda | Filed under: IT Related | Tags: 0day, acrobat, adobe, clientside, CVE-2009-3459, javascript, pdf | No Comments »

Nothing much, but YES, I agree with Didier Stevens’ statement:
PDF + JS = OMG
Yerp.. there is another vulnerability (CVE-2009-3459) in Adobe Reader and Acrobat today (GMT +8) and so far it is still 0 day..
*panic panic* What to do?
- Disable JavaScript support in Adobe Reader and Acrobat
- Enable DEP (for Windows)
- Use NoScript
- Use alternative PDF reader like Foxit, Gnome Document Viewer, yada yada..
- Don’t be lame by opening unknown PDF attachments
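Disabling JavaScript is the mitigation; knowing which PDFs in your mail queue actually carry JavaScript is the detection side of the same point. As an added example (my code, in Ruby to match the post above; not Didier Stevens’ tooling and not from this post), here is a small scanner in the style of a pdfid-type check: it counts the names that mark active content, decodes the `#xx` hex escapes PDF allows in names (so `/Java#53cript` is not missed), and flags a file as high risk when JavaScript is combined with /OpenAction or /AA, which make it run on open rather than on a click. The SUSPICIOUS_NAMES set, the verdict thresholds, and the two sample PDFs are my assumptions and constructed data.

```ruby
#!/usr/bin/ruby

# Names that indicate active content in a PDF. Assumption: a small set in the
# spirit of pdfid-style tools; /OpenAction and /AA make code run without a click.
SUSPICIOUS_NAMES = %w[/JS /JavaScript /OpenAction /AA /Launch].freeze

# PDF names may hide keywords with #xx hex escapes (e.g. /Java#53cript),
# so decode those before searching.
def normalize_names(data)
  data.gsub(/#([0-9A-Fa-f]{2})/) { $1.hex.chr }
end

# Count how often each suspicious name appears in the raw bytes.
# Returns a Hash name => count.
def scan_pdf_bytes(data)
  text = normalize_names(data.b)
  SUSPICIOUS_NAMES.each_with_object({}) do |name, counts|
    # The lookahead stops /JS from matching the start of a longer name.
    counts[name] = text.scan(/#{Regexp.escape(name)}(?![A-Za-z0-9])/).size
  end
end

def scan_pdf_file(path)
  scan_pdf_bytes(File.binread(path))
end

# Verdict: JavaScript present is suspicious; JavaScript wired to run
# automatically (/OpenAction or /AA) is high. /Launch alone is suspicious.
def verdict(counts)
  js   = counts['/JS'] + counts['/JavaScript']
  auto = counts['/OpenAction'] + counts['/AA']
  return :high       if js > 0 && auto > 0
  return :suspicious if js > 0 || counts['/Launch'] > 0
  :clean
end

# Constructed minimal PDF fragments (not real malware, not valid enough to
# render) so the script can be run offline.
SAMPLE_JS_PDF = <<~PDF.b
  %PDF-1.4
  1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj
  3 0 obj << /S /Java#53cript /JS (app.alert(1)) >> endobj
  trailer << /Root 1 0 R >>
  %%EOF
PDF

SAMPLE_PLAIN_PDF = <<~PDF.b
  %PDF-1.4
  1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
  %%EOF
PDF

if __FILE__ == $0
  # With arguments, scan the given files; without, report on the samples.
  targets = ARGV.empty? ? { 'sample-js' => SAMPLE_JS_PDF, 'sample-plain' => SAMPLE_PLAIN_PDF } : {}
  ARGV.each { |path| targets[path] = File.binread(path) }
  targets.each do |label, bytes|
    counts = scan_pdf_bytes(bytes)
    puts "#{label}: #{verdict(counts)} #{counts.inspect}"
  end
end
```

Run it as `ruby pdfjs.rb file1.pdf file2.pdf` to triage attachments. It scans raw bytes only: names inside compressed streams (FlateDecode, object streams) are not visible to it, so read `:clean` as "no plaintext indicators", not as safe; `:high` on an unexpected attachment is a good reason to keep JavaScript off in the reader regardless.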