Hey there, it's your friendly neighborhood hacker, stryde. Thanks for the link. I'm still working on protocol analysis on the trojan in use, but, I will tell you it's a block cipher over zlib compression, so, you can't just watch the screenshots going by in raw XML. I'm hoping to have a service fingerprint soon, but, no promises. I'll try to answer any replies here. Glad you enjoyed the writeup.
-stryde.hax
I think if you have passion for something then you're among the lucky, and certainly the lines blur between my work and my hobbies. Of course, sometimes that can have unexpected results!
Slashdot Mirror
Hey there, it's your friendly neighborhood hacker, stryde. Thanks for the link. I'm still working on protocol analysis on the trojan in use, but, I will tell you it's a block cipher over zlib compression, so, you can't just watch the screenshots going by in raw XML. I'm hoping to have a service fingerprint soon, but, no promises. I'll try to answer any replies here. Glad you enjoyed the writeup. -stryde.hax
I think if you have passion for something then you're among the lucky, and certainly the lines blur between my work and my hobbies. Of course, sometimes that can have unexpected results!