Random Exe from Apple Webserver

Thread replies: 17
Thread images: 2

Anonymous
Random Exe from Apple Webserver 2017-05-19 07:16:35 Post No. 60486709
[Report] Image search: [Google]

File: 1477301783267.gif (1MB, 972x1000px) Image search: [Google]

Random Exe from Apple Webserver Anonymous 2017-05-19 07:16:35 Post No. 60486709 [Report]

>on train
>decide to scan random hosts on the built in WiFi
>find an Apple device with a webserver running
>connect to it on browser
>immediately downloads an exe

What could it be lads? I'm on GNU/Linux but I will try to move it to a shit top with windows later. Any ideas?

Anonymous 2017-05-19 07:27:45 Post No.60486887
[Report]

Anonymous 2017-05-19 07:27:45 Post No.60486887 [Report]

This is interesting. Bump.

Anonymous 2017-05-19 07:29:33 Post No.60486914
[Report]

Anonymous 2017-05-19 07:29:33 Post No.60486914 [Report]

>>60486709
Try just extracting the strings from it first. You can do it on Linux.

Anonymous 2017-05-19 07:31:15 Post No.60486935
[Report]

Anonymous 2017-05-19 07:31:15 Post No.60486935 [Report]

run it on wine

Anonymous 2017-05-19 07:33:41 Post No.60486975
[Report]

Anonymous 2017-05-19 07:33:41 Post No.60486975 [Report]

>>60486709
bumpin'
this might be pretty interesting.

Anonymous 2017-05-19 07:35:48 Post No.60487001
[Report]

Anonymous 2017-05-19 07:35:48 Post No.60487001 [Report]

Run it in a VM

Anonymous 2017-05-19 07:37:59 Post No.60487027
[Report]

Anonymous 2017-05-19 07:37:59 Post No.60487027 [Report]

install gentoo

Anonymous 2017-05-19 07:38:30 Post No.60487033
[Report] Image search: [Google]

Anonymous 2017-05-19 07:38:30 Post No.60487033 [Report]

File: image_2.jpg (41KB, 482x756px) Image search: [Google]

41KB, 482x756px

>>60487001
Yeah, just use a VM

Anonymous 2017-05-19 07:44:52 Post No.60487099
[Report]

Anonymous 2017-05-19 07:44:52 Post No.60487099 [Report]

>>60486709
what's the filename and size?
is it clean on virustotal?
have you run strings against it?
is the file signed?

Anonymous 2017-05-19 07:49:41 Post No.60487163
[Report]

Anonymous 2017-05-19 07:49:41 Post No.60487163 [Report]

>>60486709
upload on mega and link here
currently on winblows

Anonymous 2017-05-19 07:53:31 Post No.60487215
[Report]

Anonymous 2017-05-19 07:53:31 Post No.60487215 [Report]

>>60486709
$ strings thing.exe

Anonymous 2017-05-19 07:53:32 Post No.60487216
[Report]

Anonymous 2017-05-19 07:53:32 Post No.60487216 [Report]

>>60486709
im interested

Anonymous 2017-05-19 08:25:14 Post No.60487629
[Report]

Anonymous 2017-05-19 08:25:14 Post No.60487629 [Report]

Will op deliver?

Anonymous 2017-05-19 09:07:42 Post No.60488180
[Report]

Anonymous 2017-05-19 09:07:42 Post No.60488180 [Report]

Apple Airports are configured using a desktop program instead of a web page like most mobile router/WAP combos. OS X has this built in, but windows PCs need the program. I bet you thats what it is.

Anonymous 2017-05-19 09:40:33 Post No.60488700
[Report]

Anonymous 2017-05-19 09:40:33 Post No.60488700 [Report]

>>60486709
op, put it in a tarball then zip it, after that put it on megaupload and drop the link here

Anonymous 2017-05-19 10:05:30 Post No.60489001
[Report]

Anonymous 2017-05-19 10:05:30 Post No.60489001 [Report]

>>60486914
>>60487099
>>60487215

Do not run strings on arbitrary files.
CVE-2014-8485

Anonymous 2017-05-19 10:15:29 Post No.60489128
[Report]

Anonymous 2017-05-19 10:15:29 Post No.60489128 [Report]

>>60489001
Run strings -a on a Linux system. OpenBSD doesn't have this problem

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible. Read more on this topic here - https://archived.moe/talk/thread/1694/

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/