To find the files that are left behind by Java go to \\comp\c$\Users\*\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 The path may vary.
In each numbered folder it will contain an IDX file and the actual file.
By utilizing https://github.com/Rurik/Java_IDX_Parser/blob/master/idx_parser.py you can evaluate the IDX file to see if the information contained could be malicious.
Subscribe to:
Post Comments (Atom)
-
Here is a quick walk through of GetBoo. The first item that I found was you can harvest the usernames of the existing users that are regist... -
As I was glancing through the logs of my honeypots I spent some time to look at the following logs. In the past I have just overlooked them... -
I ran a Nikto scan and found the following vulnerability in the report that it produces: "OSVDB-637: Enumeration of users is possible...
-
I thought I would work through a few of these web applications provided by OWASP on their broken web applications VM. The first one I th... -
Recently, I stumbled across a webshell that was impersonating a 404 page not found error. The original filename was "404.php.gif"...
No comments:
Post a Comment