We got some log indicates the attacker, can you gathering information from pcap file?
Log file: https://app.letsdefend.io/download/downloadfile/webserver.em0.zip
How many HTTP GET requests are in pcap?
Statistics –> HTTP –> Requests
What is the server operating system?
What is the name and version of the web server software?
What is the version of OpenSSL running on the server?
What is the client’s user-agent information?
Question 6 & 7
What is the username used for Basic Authentication?
What is the user password used for Basic Authentication?
Decode the encoded string found in the stream to find the user name and password.
Leave a Reply