Category Archives: Flashpack Exploit Kit

Detailed Analysis of the processes and stages of an Exploit Kit – Java and IE exploited by Flashpack Web Based Kit

Here you can see the webpage that the hackers exploited ( and inserted within that page an iframe which includes a link to a Javascript Redirect file   2012-09-18 22:41:42.001035 IP > Flags [P.], seq 1:395, ack 1, win 64240, length 394 E…*.@…….j.\+lF…P7_Z.X.X.P….?..GET /Lk1SsGQm/js.js HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Windows; U; Windows NT… Read More »

Share Button

Flashpack Web Based Exploit Kit Exploits Internet Explorer .EOT Font File – Monetizes with Adultfriendfinder and Other Ads

2014-05-18 22:27:26.841394 IP > Flags [P.], seq 1:430, ack 1, win 64240, length 429 E…..@….,….Y.f”…P@HD.3.:[P….k..GET / HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer:[.]com/translate_c?depth=1&hl=en&langpair=en%7Cen&[.]com&sandbox=0&u=http://hitcric[.]info/&usg=ALkJrhiGLwR0ZHj_UP5Ja9lbM5QmnYvMQg Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) Accept-Encoding: gzip, deflate Host: hitcric[.]info Connection: Keep-Alive 2014-05-18 22:27:26.841401 IP > Flags [.], ack 430, win… Read More »

Share Button