Payload Hosting Obfuscation
Last updated
Last updated
Assume that an automated product will crawl the website.
To hide the link of a payload, simple use Apache mod_rewriterule to generate “corporate” URL with unique ID:
will actually call
We can then use JavaScript to generate the finaly payload link. However, if the the HTML on the phishing website looks like this:
Automated security tools will easily process the HTML and pull the payload to perform further analysis, so, to obfuscate it: