网马解密中级篇(freshow工具使用方法)（Var intermediate (freshow decryption tools)）.docVIP

网马解密中级篇(freshow工具使用方法)（Var intermediate (freshow decryption tools)） The horse Auditorium - single decryption decryption intermediate (Freshow tools) Author: networkedition The horse intermediate, mainly on the decrypted content as follows: The detailed use of the 1.Freshow decryption tool; 2. - Eval decryption hack; 3. - Document.write decryption hack; 4. - Alpha2 decryption hack; 5. - Shellcode decryption hack; 6. - Base64 decryption hack; 7. - US-ASCII decryption hack 8. talking about Eval decryption - tools Roughly the above content, the follow-up will be in accordance with the actual situation, but also increase the corresponding content. The intermediate is mainly based on a lot of examples of web Trojan decryption, combined with decryption tool (Freshow) to explain. Take from shallow to deep principle, lead us one step further to explore the web Trojan decryption. To enjoy the fun of web Trojan decryption. Today, the main contents of the explanation is the use of Freshow tools, to do good work, must first sharpen his tools, first of all to learn how to use the decryption tool, can step by step into the decryption of the palace, unveiled a web Trojan decryption. Well, lets get to know each other first, and we use Freshow. Here are some screenshots The detailed annotations for the use of the freshow tool are as follows: 1.URL: to decrypt the URL address 2.Check: used to get the source code for the URL to be decrypted (this tool will be used in a networked state) 3. on the operation area: get the site source code displayed here 4.C: clear code, used to clear the upper and lower operating areas of the code 5.P: the copy code 6.Filter: filter the JS, iframe, and script links in the web page source code 7.Decoder: the decryption button is used to decrypt the encrypted web source code 8. filter options: Qeye: filter potential malicious links in web source code, such as: iframe, script, results will be displayed in the collection area; Connect: connect the string, suc