Forum Discussion
Reverse Engineering (Offensive) JavaScript Analysis: JSDetox
- 9 months ago
I was able to complete the lab; however, I think the lab needs some improvement.
JSDetox error
For Q3, you need to look into the obfuscated code before applying any deobfuscating steps.
For Q8, the data analyze tool in the lab does not work. Use CyberChef or something else; it is very misleading if you assume it works and you are missing something.
I think this tool is both overrated and abandoned, and at first I thought it would do some magic. I waited dozens of minutes for "Analyze" to do something, before I aborted these attempts. It's much easier to load the HTML file into the browser and then "Copy -> Inner HTML" to get the decoded scripts (JSDetox has a nice formatter, but that's it). Not a single edit needed.
I couldn't understand Q4: "Which packet number corresponds to the site that is 302 redirected to (and which hosts the malware where you start analysis)?" It's not clear what you want. And since it's not a Wireshark lab, it might be just written as: "Identify the server where the malware is downloaded from, and as answer enter the number of the first frame with an HTTP response code from that server."
- KieranRowley 9 months ago
Community Manager
Hey netcat, we have discussed your feedback internally and are in agreement with many of your comments. This is an older lab that no longer meets our quality standards, and we are therefore going to uplift this lab and change some of the wording to make it clearer.
You may be interested in the Introduction to Malware Analysis lab which uses more modern tooling.