Reverse Engineering A Spam Script

Jelle Raaijmakers has a new tutorial on Dissecting a spammer’s spam script:

One of the WordPress sites on a shared hosting web server I manage was infected by a spam script. Fortunately, the script was unable to do any real damage and was detected within half an hour of infection. I thought it would be fun to show you the script and dissect it, to find out exactly how these things work and make thousands of email administrators’ lives a living hell.

It’s interesting seeing what all is involved in reversing the obfuscated code. “I’m slightly impressed by the technical quality”, Jelle said in the post, “I would never have expected a state machine, or the amount of socket error codes that are handled gracefully. The custom written DNS lookup with a proper response handling loop also surprised me.”


Filed in: News


Newsletter

Join the weekly newsletter and never miss out on new tips, tutorials, and more.

Laravel News Partners

Laravel Jobs

Full-Stack Developer
Tampa
Nu Image Medical
Senior Software Developer
Remote (US ONLY)/Kenilworth, NJ
Diversified
Senior Back-end Laravel API Developer - Immediate Contract (Full Time)
Remote
ApproveMe // Document Signing
Web Development Project Manager
Houston, TX
Swyft Filings
Experienced Laravel/VueJS Developer (Freelance)
Remote (preferably in the US)
Prosperly LLC
Senior React / Laravel Developer
Remote
The C.A.S.E. Engineering Group
Software Engineer
Boston
ButcherBox