PHP Malware Analysis

Back to list

Tags

URLs
http://www.w3.org/1999/xhtml
http://www.w3.org/1999/xhtml
http://google.com

Deobfuscated code

<html>
	<head></head>
	<body>
		<something:script xmlns:something="http://www.w3.org/1999/xhtml">alert(1)</something:script>
		<a:script xmlns:a="http://www.w3.org/1999/xhtml">alert(2)</a:script>
		<info>
		  <name>
		    <value><![CDATA[<script>confirm(document.domain)</script>]]></value>
		  </name>
		    <description>
		      <value>Hello</value>
		    </description>
		    <url>
		      <value>http://google.com</value>
		    </url>
		</info>
	</body>
</html>


Original code

<html>
	<head></head>
	<body>
		<something:script xmlns:something="http://www.w3.org/1999/xhtml">alert(1)</something:script>
		<a:script xmlns:a="http://www.w3.org/1999/xhtml">alert(2)</a:script>
		<info>
		  <name>
		    <value><![CDATA[<script>confirm(document.domain)</script>]]></value>
		  </name>
		    <description>
		      <value>Hello</value>
		    </description>
		    <url>
		      <value>http://google.com</value>
		    </url>
		</info>
	</body>
</html>