Sadly it wouldn’t work if found in a CSV file with other records:
According to EICAR’s specification the antivirus detects the test file only if it starts with the 68-byte test string and is not more than 128 bytes long. As a result, antiviruses are not expected to raise an alarm on some other document containing the test string
a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization to test the response of computer antivirus programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use real malware.
Unfortunately there is significant overlap between plain-text-password-servers and servers that can’t be bothered to use antivirus. Also, the string may not work if it’s not at the start of the file. AV often doesn’t process the whole file for efficiency purposes.
It’s not about the password on the server where you want to log in, it’s about CSV files stored on the machine of the cybercrook who wants to use the passwords to steal people’s identities.
According to EICAR’s specification the antivirus detects the test file only if it starts with the 68-byte test string and is not more than 128 bytes long.
Use EICAR test strings as passwords so when the password is stored as plain text the antivirus software will delete the file.
Dude makes a whole binary of a virus his password.
Doesn’t have to be a binary file, toss the string in a txt file and the AV still throws a fit.
According to wikipedia it has to be at the beginning of the test file or it won’t work.
01001000 01100101 01101100 01101100 01101111 00101100 00100000 01110100 01101000 01101001 01110011 00100000 01101001 01110011 00100000 01101110 01101111 01110100 00100000 01100001 00100000 01110011 01110100 01110010 01101001 01101110 01100111 00100000 01101111 01100110 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00100000 01110100 01101000 01100001 01110100 00100000 01110100 01101111 01110100 01100001 01101100 01101100 01111001 00100000 01110111 01101111 01101110 00100111 01110100 00100000 01101001 01101110 01100110 01100101 01100011 01110100 00100000 01111001 01101111 01110101 01110010 00100000 01110000 01101000 01101111 01101110 01100101 00100000 01101111 01110010 00100000 01100011 01101111 01101101 01110000 01110101 01110100 01100101 01110010 00100000 01110111 01101001 01110100 01101000 00100000 01100110 01110101 01110010 01110010 01111001 00100000 01110000 01101111 01110010 01101110 00101110 00100000 01010100 01101000 01100001 01110100 00100000 01101001 01110011 00100000 01100001 01101100 01101100 00101110 00101110 00101110 00100000 01000100 01101111 01101110 00100111 01110100 00100000 01100011 01101000 01100101 01100011 01101011 00100000 01101001 01101110 01110100 01100101 01110010 01101110 01100001 01101100 00100000 01110011 01110100 01101111 01110010 01100001 01100111 01100101 00101110 00100000 01010100 01101000 01100001 01101110 01101011 00100000 01111001 01101111 01110101 00100000 01111000 01101111 01111000 01101111
Sadly it wouldn’t work if found in a CSV file with other records:
They actually thought it through, huh?
For some reason that surprises me from the AV vendors
What is an EICAR test string?
https://en.wikipedia.org/wiki/EICAR_test_file
This sounds like a step towards computer vaccines, and I’m not about to let my computer get autism, thank you.
Joke’s on you, all computers are autistic.
This is cs101 smh
Sir this is a cs101
I am really liking this place.
deleted by creator
A specific string of text that you can use to test your AV without actually grabbing a virus.
Unfortunately there is significant overlap between plain-text-password-servers and servers that can’t be bothered to use antivirus. Also, the string may not work if it’s not at the start of the file. AV often doesn’t process the whole file for efficiency purposes.
It’s not about the password on the server where you want to log in, it’s about CSV files stored on the machine of the cybercrook who wants to use the passwords to steal people’s identities.
deleted by creator
unfortunately, nearly all AV abides by the “cannot be larger than 68 bytes” rule
Unless you’re the only one in the dump, no :c