Simple file carving demo

 Been awhile since I've done hands on "file carving". I was pleasantly surprised that it is so much easier now to "carve" files from "Wireshark". 

Scenario: A "Hacker" is at an open Wi-Fi operated by a Cafe. The "Hacker" uses "Wireshark" to capture network traffic traversing the wireless network. One user transfers an "Excel Spreadsheet" containing personal data onto an FTP server. The "Hacker" is able to successfully "carve" the transferred file from the network packets captured.



at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

VM for ransomware investigations

 My laundry list of tools/software useful when investigating ransomware cases.   Tor: Obviously need this to access Onion sites. qBittorrent...

  • "An error occured in avast! engine: Invalid argument"
    This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
  • NeXpose vs Nessus
    I've used Nessus for years. I only recently heard of NeXpose after Rapid7 started funding Metasploit and promised to integrate their sca...