🐊

Shellshock Attack (WireShark)

Tags

forensic

ID matched

Created

May 25, 2023 01:53 PM

Last Updated

Last updated July 15, 2023

1. 사전 준비 2. 풀이 참고

1. 사전 준비

WireShark 다운로드

https://www.wireshark.org/download.html

pcap 다운로드 (비밀번호 321)

https://api.letsdefend.io/download/downloadfile/shellshock.zip

2. 풀이

Q1. What is the server operating system?

HTTP 응답 에러페이지에서 정보 확인

notion image

정답

Ubuntu

Q2. What is the application server and version running on the target system?

HTTP 응답 에러페이지에서 정보 확인

notion image

정답

Apache/2.2.22

Q3. What is the exact command that the attacker wants to run on the target server?

HTTP GET 패킷의 정보 확인

notion image

정답

/bin/ping -c1 10.246.50.2

참고

Getting Started to LetsDefend

Register to soc analyst/incident response training platform

Getting Started to LetsDefend

https://app.letsdefend.io/challenge/shellshock-attack

Getting Started to LetsDefend

LetsDefend: Shellshock Attack — WriteUp

What is Shellshock attack?

LetsDefend: Shellshock Attack — WriteUp

https://lokzy.medium.com/letsdefend-shellshock-attack-writeup-4d0bcbb5e955

LetsDefend: Shellshock Attack — WriteUp