[OT} ZIPs (was: Re: [Vol-users] IAT hook question)

Ken Pryor kdpryor at gmail.com
Fri Jan 18 11:10:10 CST 2013


I have also found if you change the file extension on a zip file to .txt,
you'll fool Gmail into thinking it's a text file. The receiving party just
has to change the extension back to zip and all is well. I've sent a number
of zips containing malware or other exe's that way successfully.

Ken Pryor

On Fri, Jan 18, 2013 at 11:02 AM, Mike Lambert <dragonforen at hotmail.com>wrote:

>  Being a WinRAR user, I don't have 7z.
> What do the -mhe option do?
>
> Thanks
>
>  > Date: Thu, 17 Jan 2013 21:14:43 -0700
> > Subject: Re: [OT} ZIPs (was: Re: [Vol-users] IAT hook question)
> > From: aoz.syn at gmail.com
> > To: phatbuckett at gmail.com
> > CC: dragonforen at hotmail.com; vol-users at volatilityfoundation.org
>
> >
> > On Thu, Jan 17, 2013 at 9:11 PM, Darren Spruell <phatbuckett at gmail.com>
> wrote:
> > > I tend to strip extensions and send in encrypted zips when dealing
> > > with Google services. Fantastic for everything except threat sharing.
> >
> > 7z -mhe for the win.
>
> _______________________________________________
> Vol-users mailing list
> Vol-users at volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.volatilityfoundation.org/pipermail/vol-users/attachments/20130118/a77b543d/attachment.html


More information about the Vol-users mailing list