fsebugoutzone.org:9999

       Post B0ULCf0UCJX9pl71SS by m@miruku.cafe
 (DIR) More posts by m@miruku.cafe
 (DIR) Post #B0TwYF2QvnAYoJDWEK by da_667@infosec.exchange
       2025-11-21T20:54:09Z
       
       1 likes, 1 repeats
       
       
       
 (DIR) Post #B0TwoU5QkWuO7DMdCy by da_667@infosec.exchange
       2025-11-21T20:56:56Z
       
       0 likes, 0 repeats
       
       quick sanity check, do these diagrams make sense?
       
 (DIR) Post #B0TwoVEKUvcZf6XFia by prettygood@socially.drinkingatmy.computer
       2025-11-21T20:58:35.587209Z
       
       0 likes, 0 repeats
       
       @da_667 I understood it pretty readily
       
 (DIR) Post #B0ULCf0UCJX9pl71SS by m@miruku.cafe
       2025-11-22T01:24:28.896Z
       
       1 likes, 0 repeats
       
       @prettygood@socially.drinkingatmy.computer @da_667@infosec.exchange ehybis there a byte reverse step
       
 (DIR) Post #B0UOTpw77BxAW4wu2q by da_667@infosec.exchange
       2025-11-22T02:05:52Z
       
       1 likes, 0 repeats
       
       @m @prettygood Hey there, this particular sample that I&#39;m teaching readers how to file carve is mythstealer. I did a write-up on it here:https://community.emergingthreats.net/t/games-and-myths-mythstealer-spotted-in-the-wild/2861TL;DR: the gimmick for this stealer is that the http request body with the exfil&#39;d loot is entirely reversed byte-by-byte, so the reverse operation is required to get a working zip file.