Simple file carving demo

 Been awhile since I've done hands on "file carving". I was pleasantly surprised that it is so much easier now to "carve" files from "Wireshark". 

Scenario: A "Hacker" is at an open Wi-Fi operated by a Cafe. The "Hacker" uses "Wireshark" to capture network traffic traversing the wireless network. One user transfers an "Excel Spreadsheet" containing personal data onto an FTP server. The "Hacker" is able to successfully "carve" the transferred file from the network packets captured.



at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

VM for ransomware investigations

 My laundry list of tools/software useful when investigating ransomware cases.   Tor: Obviously need this to access Onion sites. qBittorrent...

  • "An error occured in avast! engine: Invalid argument"
    This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
  • Zbot
    Downloaded a sample of "Zbot" from Offensive Computing's site . I'm no reverse engineering guru but decided to give it a ...