Sunday, 31 January 2010

Python Utility to Rename Exe or PE file in a directory

I was writing a small utility to rename all the files in the current directory (in this case its PE file). This doesn't
depend on the file extension and reads the file to check the magic number.

#####################################################################
import os
   
def ren_dir():
# refers to c:\test , if you want use current dir use '.' 
    for f in os.listdir("\\test"): 
        fl = open((os.path.join(os.path.abspath('\\test'),f)),'r')
        if fl.read(2)=='MZ':
                # do whatever operation you want 
        fl.close
    
if __name__ == "__main__":   
    ren_dir()
#############################################################

Sunday, 10 January 2010

Office.microsoft.com leading to FakeAV

Office.microsoft.com which is an official microsoft office website is leading to rogue AV website.[1] This could be  because of  SEO poisoning techniques .
In this case when you are on office.microsoft.com and use the search function you get search results leading to Fake AV.
Its a real cause for concern as this is one of most popular microsoft's website and easily all the website visitors could fall victim to this attack.