-
-
Notifications
You must be signed in to change notification settings - Fork 155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
generating hta page + hta question ? #24
Comments
Hey @morzen , Can you get a new version of Octopus and regenerate the HTA, then do a view page source in order to check if you can see the code or not? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am using kali 2020.4 I made a brand new install of octopus to be sure no modification had been done on my end, with still issues getting pycrypto so pycryto is missing (see #23)
I encounter an issue I didn't have before the hta page is blank which wasn't a problem before
I have another question as well so not really a problem rather I am trying to understand something about the program
so this time on a modified (just putted a few prints) version of the program (not the clean install used before )
I was trying to understand how the hta was generated and I reached this point and to understand what I am dealing with I putted some prints
here is the output
so from this, I have multiple questions:
1: how is definied the variable i because from this prints i understand it is an array of length 2 containing item of the re array
like re[0] is [ ']' , '=' ] and so i = [ ']' , '=' ] which mean i[0]=']' and i[1] = '='
but where is all of that created and defined I see where re is created but that is it.
2:in the for loop I see you are replacing characters by others in the variable js which has been encoded in base64
I assume this is for code obfuscation
but it doesn't raise a question how is the code going to work if you modify it by that I mean that before the for loop i can decode the base64 no problem
but rather obviously trying to decode the last iteration is proven to be useless
so even if the hta page wasn't blank and was outputting the code (which is what it was doing for me before the code was given to me on the page) the code still wouldn't work because it would not be decodable right?
I assume I am missing something
many thanks in advance for the answer and I try to understand why the page is blank it could very well be a Mozilla problem on my end of security or something like that i am checking for that
The text was updated successfully, but these errors were encountered: