Reverse Engineering A Spam Script

Jelle Raaijmakers has a new tutorial on Dissecting a spammer’s spam script:

One of the WordPress sites on a shared hosting web server I manage was infected by a spam script. Fortunately, the script was unable to do any real damage and was detected within half an hour of infection. I thought it would be fun to show you the script and dissect it, to find out exactly how these things work and make thousands of email administrators’ lives a living hell.

It’s interesting to see everything that is involved in reversing the obfuscated code. “I’m slightly impressed by the technical quality”, Jelle said in the post, “I would never have expected a state machine, or the amount of socket error codes that are handled gracefully. The custom written DNS lookup with a proper response handling loop also surprised me.”

