

There are some imperfections, though, at least in the ISO version of REMnux. For instance, when firing up sshd, it turned out that the distribution hadn't set up SSH host keys, so you can only log into REMnux via SSH after creating the host keys manually:

    sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
    sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''

According to Zeltser, this is a problem specific to the ISO version.

Analyze this

Adobe Flash malware in SWF files can be analyzed thanks to three tools: SWFTools, Flasm, and Flare. SWFTools is a collection of utilities for working with Adobe Flash files, and some of them are extremely valuable while analyzing malware, such as SWFStrings that scans for text data, and SWFDump that shows information such as a disassembly of contained code. Flasm is a SWF disassembler and assembler, and Flare is a SWF decompiler that converts the Flash byte code to ActionScript source code, which is interesting if the analyst wants to understand how a specific piece of malware works.

As most JavaScript malware is obfuscated to thwart analysis attempts, deobfuscation tools are really helpful.
The ~/.bash_aliases file contains various shortcuts to the most commonly-used tools, and additional tools can be installed from the Ubuntu software repository using apt-get. REMnux is configured to automatically acquire an IP

The user is then greeted by the Enlightenment window manager and a Mode, and automatically logs in the user "remnux". REMnux is a trimmed-down version of Ubuntu 9.10 with a hand-picked The VMware image is the preferred version, as it is the only one that has undergone extensive testing, but your author used the ISO image as a live CD in VirtualBox without any big problems. The distribution can be downloaded as a 575 MB compressed VMware image or a 602 MB ISO file.

In addition to its home page on Zeltser's web site, REMnux also has a SourceForge page with some discussion forums. To create the live CD version of the distribution, he used Remastersys. To create the VMware virtual appliance of REMnux, Zeltser installed Ubuntu 9.10 in a VMware virtual machine, removed unnecessary packages, added the tools he liked, and customized the setup. My hope is that by installing my favorite tools and configuring them the way I liked, I saved people some time and made it easier to enter the world of malware analysis.
