
SANS ISC Internet Storm Center


Working with base64

Published: 2015-07-05
Last Updated: 2015-07-05 14:57:31 UTC
by Didier Stevens (Version: 1)

Last week I received another malicious document with an embedded payload encoded with base64. A bit tired of repeating the same manual operations to extract and decode base64 content, I quickly wrote a small Python script to help me. base64dump.py searches through the given file for base64 strings (delimited by non-base64 characters), and produces a report like this one:

Here is a video of the tool in action.
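
The search described above, sketched as an added example; this is not base64dump.py and not the author's code. The minimum run length, the multiple-of-4 filter, the report fields and the names `find_base64` and `report` are assumptions of this sketch, and the sample input is constructed.

```python
import base64
import binascii
import hashlib
import re

# A candidate is a maximal run of base64 alphabet characters, optionally
# ending in '=' padding. Any other byte acts as a delimiter.
B64_RUN = re.compile(rb"[A-Za-z0-9+/]+={0,2}")


def find_base64(data, min_len=16):
    """Return (offset, encoded_length, decoded_bytes) for each run that decodes."""
    hits = []
    for m in B64_RUN.finditer(data):
        run = m.group()
        # Assumption: short runs are ordinary words, and a well-formed
        # base64 string has a length that is a multiple of 4.
        if len(run) < min_len or len(run) % 4 != 0:
            continue
        try:
            decoded = base64.b64decode(run, validate=True)
        except (binascii.Error, ValueError):
            continue
        hits.append((m.start(), len(run), decoded))
    return hits


def report(data, min_len=16):
    """One line per decodable run: where it is, how big, and what it starts with."""
    lines = []
    for i, (off, n, dec) in enumerate(find_base64(data, min_len), 1):
        digest = hashlib.sha256(dec).hexdigest()
        lines.append(
            f"{i:3d} offset={off:#x} encoded={n} decoded={len(dec)} "
            f"head={dec[:8]!r} sha256={digest}"
        )
    return lines


# Constructed sample: an encoded blob surrounded by non-base64 bytes.
PAYLOAD = b"MZ\x90\x00" + b"constructed sample payload, not real malware"
SAMPLE = b"<doc>\x00junk!" + base64.b64encode(PAYLOAD) + b"\x01 tail text; short=QUJD \x02"

if __name__ == "__main__":
    for line in report(SAMPLE):
        print(line)
```

The first decoded bytes are worth showing in a report because a header such as `MZ` identifies an embedded executable at a glance.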

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com

Keywords: base64