Demonstration Lab
IT Security & IT Forensics Examples

Web Forensics

JavaScript Downloader

This exercise is about starting a download with JavaScript. This allows a file to be started for download without logging a request to the server.


Analyse the first task (Exercise A). To do this, evaluate the communication with the server. How is the download started? What are the differences in the tracks compared to normal downloads?

The file of the second task (Exercise B) uses a special signature. What is it about?

Then go through the next trainings. Which method is used to obfuscate the downloads?

Exercise A: Basic Example

Solution of the exercise

Download the file "test.txt" without an additional connection to the server.

The download is realized exclusively in JavaScript. A file is offered for donwload, which is not transferred from the server. This allows dynamic files to be generated and offered for download. They do not appear in the log files, because all steps take place on the client.