Websense Security Labs has a blog post about a malicious site serving up payloads based on the HTTP user-agent string. This is something I've seen in the wild many times, and I kind of thought it was old news. The easiest way to get around this kind of simple protection is to set the user-agent string sent by wget. You'll want to use the "--user-agent" option, and there is an extensive list of user-agent strings at http://www.user-agents.org.
Pro-tip: a generally malware-ok user-agent string is
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Update: You can also do this.
Friday, June 29, 2007
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment