
@jershmagersh
jershmagersh / gist:6446066
Created September 5, 2013 04:22
What is?
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
@jershmagersh
jershmagersh / gist:6619245
Created September 19, 2013 04:50
Example regex order match.
.*(match).*|.*(me).*|.*(please).*
@jershmagersh
jershmagersh / regex_contruct_ex.cpp
Last active December 23, 2015 10:09
Search regex construction
// Build one alternation regex from the key of every entry in `rules`, wrapping
// each rule in its own capture group so the group number can identify the rule.
// NOTE(review): rule text is concatenated unescaped. A rule that contains its own
// parentheses adds capture groups and shifts the numbering of every rule after it;
// confirm rules are group-free or use (?:...) inside them.
// NOTE(review): the std::regex constructor throws std::regex_error on a malformed
// pattern, so one bad rule prevents the whole combined pattern from compiling.
if(this->rules->size() > 0) {
string searchBlock = "";
for(rulesIter = this->rules->begin(); rulesIter != this->rules->end(); rulesIter++) {
if(rulesIter == this->rules->begin()) //Construct a big fat regex from all of the rules.
searchBlock += ".*(" + rulesIter->first + ").*";
else searchBlock += "|.*(" + rulesIter->first + ").*";
}
// Allocated with a raw `new`; the matching delete is not visible in this excerpt.
this->globalMatchBlock = new regex(searchBlock);
// Run the combined rule regex over one input line and write an alert for the
// capture group that matched. The listing is truncated; the rest of the body
// is not visible here.
// NOTE(review): only one alternative of an alternation participates in a match,
// so a line that satisfies several rules is reported under just one of them.
// NOTE(review): globalMatchBlock is dereferenced without a null check; the
// construction excerpt only assigns it when rules is non-empty. Confirm search()
// is never reached with an empty rule set.
void DB::search(string &currLine)
{
smatch result;
// NOTE(review): no open() call on outfile is visible in this excerpt; confirm it is opened before the writes below.
ofstream outfile;
regex_search(currLine, result, *globalMatchBlock);
// result[0] is the whole match; the loop treats group i (i >= 1) as rule i-1.
for(int i = 0; i < result.size(); i++){
// Unmatched groups have length 0, so length() > 2 skips them, but it also drops
// real matches of one or two characters; sub_match::matched tests participation directly.
if(result[i].length() > 2 && i != 0) {
// NOTE(review): assumes rulesVec is ordered the same way the rules were iterated when the regex was built — verify.
outfile << "Match: " << (*rulesVec)[i-1].alert << endl; //Access alert in vector at that index, since that's the one that matched...
outfile << "From: " << result[0] << endl << endl;
@jershmagersh
jershmagersh / gist:6749314
Created September 29, 2013 04:20
Wordpress spider output
Here are the first few lines found:
Josh:vulnSpider jr$ ruby vulnSpider.rb
Would you like to search for plugins?
y
Getting most popular tags...
Starting with the most popular: widget
Grabbing links...
Plugin: Image Store
@jershmagersh
jershmagersh / admin_dlink.html
Created October 14, 2013 06:19
Authenticated D-Link code.
@jershmagersh
jershmagersh / generate.rb
Created January 29, 2014 03:55
Ruby file for generating HTML jwplayer mp4 uploaded files.
#!/usr/bin/ruby
# Paths used by the script; $HOME is not referenced in the lines visible here.
$UPLOAD_DIR = "/var/www/uploads"
$HOME = "/var/www"
# Dir.entries also returns "." and ".."; the .mp4 test below filters them out.
files = Dir.entries $UPLOAD_DIR
files.each do |file|
# NOTE(review): include? matches ".mp4" anywhere in the name, while the slice below
# assumes the name ends with it; File.extname(file) == ".mp4" would test the extension itself.
if file.to_s.include? ".mp4"
# Drop the last four characters of the name and append .html.
# NOTE(review): names come from an upload directory; if they are written into the
# generated HTML they need escaping (e.g. CGI.escapeHTML) — the rest of the script is not visible here.
html_file_name = "#{file[0,file.length-4]}.html"
#include <stdio.h>
#include <string.h>
/* Excerpt: declares a buffer with the same length as the dat_secret string.
 * The rest of main is not visible in this listing. */
int main(int argc, char ** argv) {
const char dat_secret[] = "// dat_secret = System.IO.MemoryStream";
/* strlen() excludes the terminating NUL. */
long int secret_len = strlen(dat_secret);
/* NOTE(review): variable-length array of exactly secret_len bytes; if text is
 * later used as a C string it needs secret_len + 1 bytes for the terminator. */
char text[secret_len];
// Click handler: shows the bob_roge image, then decodes the embedded dat_secret
// resource byte by byte into a string. The listing is truncated after the loop.
private void btnDecode_Click(object sender, EventArgs e)
{
this.pbRoge.Image = Resources.bob_roge;
byte[] dat_secret = Resources.dat_secret;
string text = "";
for (int i = 0; i < dat_secret.Length; i++)
{
byte b = dat_secret[i];
// Swap the high and low nibbles of the byte (the & 240 keeps only the shifted-up
// low nibble), then XOR the result with 41 (0x29) and append it as a char.
text += (char)((b >> 4 | ((int)b << 4 & 240)) ^ 41);
}
@jershmagersh
jershmagersh / hooks.cpp
Created December 1, 2015 04:46
PackerAttacker Hooks
/* place hooks and track PE section */
// NOTE(review): HOOK_GET_ORIG is defined elsewhere; presumably it installs a hook on
// the named export and keeps the original entry point — confirm against the macro.
// The hooked calls cover memory protection changes, memory writes, allocation,
// section mapping, thread creation and resume, delays, and process creation.
// Coverage is limited to callers that go through these user-mode exports.
HOOK_GET_ORIG(this, "ntdll.dll", NtProtectVirtualMemory);
HOOK_GET_ORIG(this, "ntdll.dll", NtWriteVirtualMemory);
HOOK_GET_ORIG(this, "ntdll.dll", NtCreateThread);
HOOK_GET_ORIG(this, "ntdll.dll", NtMapViewOfSection);
HOOK_GET_ORIG(this, "ntdll.dll", NtResumeThread);
HOOK_GET_ORIG(this, "ntdll.dll", NtDelayExecution);
HOOK_GET_ORIG(this, "ntdll.dll", NtAllocateVirtualMemory);
HOOK_GET_ORIG(this, "Kernel32.dll", CreateProcessInternalW);