Category "deobfuscation"

Decrypt obfuscated perl script on hacked site

I was cleaning out a client's site that got hacked after I had cleaned it once already, when I found a cron job pointing to a script in the server /tmp director