http://pmelson.blogspot.com/2009/11/reversing-javascript-shellcode-step-by.html
It is a detailed post, but one thing I am not understand is the spider monkey part.
After using spider monkey to translate the original percentage encoding data, the result is totally different from the original data.
However, one commet of this post points out we only need to remove the "%u" and the reverse the order of original data.
Not sure which way is correct.
But it is very good post for reverse JS shell code.
BTW, I install the spider monkey on the CentOS without any problem.
No comments:
Post a Comment