IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [obfuscation]

Obfuscation refers to hiding the intended meaning of communication.

175 questions
163
votes
2 answers

I found unknown PHP code on my server. How do I de-obfuscate the code?

We've been getting a lot of noise regarding hacked PHP files here, and it's taking a lot of time to answer these questions. In many cases, they are off-topic. We've had a discussion about this on Information Security Meta, and many people want these…
Mark Buffalo
  • 22,498
  • 8
  • 74
  • 91
113
votes
4 answers

Is using 'dot' and 'at' in email addresses in public text still useful?

When entering your email address publicly, a practice is to replace . with text dot and @ with text at. I assume that the reasoning is that this way automatic email-collector robots won't match your address so easily. I still see updated websites…
n611x007
  • 2,255
  • 3
  • 15
  • 17
102
votes
5 answers

Can I safely preview a short link?

There are a lot of different URL shorteners out there, like Bitly or TinyURL. Besides their main purpose of shortening a link, they also: obfuscate the actual URL collect statistics about the usage of the short link From the obfuscation, at least…
stackprotector
  • 1,621
  • 3
  • 6
  • 15
102
votes
4 answers

Why is this 435 × 652 pixel JPEG over 6 MB?

This was, before someone helpfully fixed it after seeing this question, a relatively unassuming and tiny photo of a ̶f̶i̶s̶h̶ nudibranch, with 283,620 pixels. It has some metadata: text Exif tags as well as 8.6kB of Color Profile information, and a…
David
  • 782
  • 2
  • 5
  • 9
92
votes
4 answers

I was tricked on Facebook into downloading an obfuscated script

I got a notification on Facebook: "(a friend of mine) mentioned you in a comment". However, when I clicked it, Firefox tried to download the following file: comment_24016875.jse This is an obfuscated script which seems to download an executable…
Nacib Neme
  • 1,194
  • 2
  • 9
  • 11
90
votes
15 answers

How to store passwords written on a physical notebook?

Answers to the question "How safe are password managers like LastPass?" suggest that storing personal passwords on a physical notebook might be a reasonable option: I know someone who won't use Password Safe and instead has a physical notebook…
tmh
  • 1,139
  • 1
  • 9
  • 10
80
votes
5 answers

Does code obfuscation give any measurable security benefit?

I've always firmly held the belief that obfuscation is essentially useless. Obfuscated code is not impossible to read, only harder to read. I had the belief that a sufficiently skilled attacker would be able to bring the obfuscated code back into a…
user163495
72
votes
3 answers

Strange code running at startup

A piece of code was running on my Windows machine at startup. I would like to know exactly what this code is doing; it seems to refer to something like crackbook? @echo off if %PROCESSOR_ARCHITECTURE%==x86 ( START /B powershell -NoP -NonI -W…
Aditya Giri
  • 739
  • 1
  • 5
  • 8
72
votes
7 answers

Is image blurring an unsafe method to obfuscate information in images?

Is image blurring an unsafe method to obfuscate information in images? I.e., is it possible to "de-blur" the image, if you know the algorithm and the setting, or by trial & error? For instance, the image below is the Google logotype blurred with the…
P A N
  • 869
  • 1
  • 6
  • 8
47
votes
3 answers

I found obfuscated code in a comment on my blog. What should I do?

Today I was checking comments on my blog and I found a strange comment, here is the exact text