devskim blog

Search

🐊

Shellshock Attack (WireShark)

sections

Tags

forensic

Created

May 25, 2023 04:53 AM

Last Updated

Jul 30, 2023 09:49 AM

1. 사전 준비 2. 풀이 참고

1. 사전 준비

WireShark 다운로드

https://www.wireshark.org/download.html

pcap 다운로드 (비밀번호 321)

https://api.letsdefend.io/download/downloadfile/shellshock.zip

2. 풀이

Q1. What is the server operating system?

HTTP 응답 에러페이지에서 정보 확인

notion image

정답

Ubuntu

Q2. What is the application server and version running on the target system?

HTTP 응답 에러페이지에서 정보 확인

notion image

정답

Apache/2.2.22

Q3. What is the exact command that the attacker wants to run on the target server?

HTTP GET 패킷의 정보 확인

notion image

정답

/bin/ping -c1 10.246.50.2

참고

Getting Started to LetsDefend

Register to soc analyst/incident response training platform

Getting Started to LetsDefend

https://app.letsdefend.io/challenge/shellshock-attack

Getting Started to LetsDefend

LetsDefend: Shellshock Attack — WriteUp

What is Shellshock attack?

LetsDefend: Shellshock Attack — WriteUp

https://lokzy.medium.com/letsdefend-shellshock-attack-writeup-4d0bcbb5e955

LetsDefend: Shellshock Attack — WriteUp

PREVAndroid, iOS 파티션

NEXTPrintNightmare