![]() ![]() The application was passing the user-supplied values of the “username” and “password” parameters to the database without sanitizing them first, which resulted in an injection vulnerability. ![]() Participants were apparently expected to use Scapy to decode all commands, but due to their format I found it quicker to run tshark on the pcap file … These DNS TXT responses contained base64 encoded strings:Īfter manually decoding a few of those strings, it became obvious that DNS queries and responses had been used as a Command & Control channel. Part 1: Curious Wireless Packets Question 1: Which commands are sent across the Gnome’s command-and-control channel?Īfter downloading the pcap file at and viewing it with Wireshark, a suspicious amount of even more suspicious looking DNS responses was found. Background, storyline and questions/challenges can be found at. This post covers my technical solutions for the 2015 SANS Holiday Hack Challenge. SuperGnome 2: 52.34.3.80 (Local File Inclusion).Part 2: Firmware Analysis for Fun and Profit. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |