
Question regarding infected configs

by lainhater - 06 May, 2024 - 02:07 PM
Sorry if wrong category, looked around but couldn't find anywhere else to post.

I am aware that there already are threads regarding infected configs and even a tool to scan for them, but I'm looking for a list of red flags to avoid. Please post any if you can.
For example:
base64, chromedriver.exe request header, webhooks
Thanks in advance.
This post is by a banned member (adiosamigo)
UberFuck  
A clipper, as referenced here, would access your clipboard and attempt to swap crypto addresses when you try to paste them. The examples I've seen attempt to persist on a system by copying code to the user's %appdata% or %localappdata%, then modifying the registry to add itself as a startup item.

If you don't know what you're looking at in a config, either use a detection tool or RTFM.
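
Added example, not written by any poster in this thread and not the detection tool mentioned above: a small text scan for some of the red flags named here (base64 blobs, webhook URLs, and the AppData copy plus startup registry entry that the clipper description mentions). The rule names, the `REQUEST`/`SCRIPT` line layout and the sample lines are constructed assumptions, and the rules are heuristics that only look one base64 layer deep.

```python
import base64
import re

# Heuristic rules for the red flags named in the thread.
RULES = {
    "webhook_url": re.compile(r"https?://\S*webhook\S*", re.I),
    "appdata_path": re.compile(r"%(?:local)?appdata%", re.I),
    "run_key": re.compile(r"\\CurrentVersion\\Run(?:Once)?\b", re.I),
}
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")


def decode_blob(blob):
    """Return the decoded text if blob is base64 of mostly printable text, else None."""
    try:
        raw = base64.b64decode(blob + "=" * (-len(blob) % 4), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    text = raw.decode("utf-8", errors="ignore")
    printable = sum(ch.isprintable() for ch in text)
    return text if raw and printable >= 0.9 * len(raw) else None


def scan_config(text):
    """Return sorted (line_no, rule) findings; rules also run on one decoded base64 layer."""
    findings = set()
    for no, line in enumerate(text.splitlines(), 1):
        layers = [line]
        for blob in B64_RUN.findall(line):
            decoded = decode_blob(blob)
            if decoded:
                findings.add((no, "base64_blob"))
                layers.append(decoded)
        for layer in layers:
            for name, rx in RULES.items():
                if rx.search(layer):
                    findings.add((no, name))
    return sorted(findings)


# Constructed sample input, not taken from any real config.
_hidden = base64.b64encode(
    rb"copy self %APPDATA%\upd.exe; HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
).decode()
SAMPLE = "\n".join([
    "REQUEST GET https://example.com/login",
    "REQUEST POST https://hooks.example.invalid/webhook-endpoint/constructed-id",
    "SCRIPT " + _hidden,
])
```

Calling `scan_config(SAMPLE)` flags line 2 for the webhook URL and line 3 for the encoded blob and the persistence strings hidden inside it; a hit is a reason to read that line closely, not proof of infection.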
