Network Forensics Puzzle Contest に挑戦 #1
Upcoming SlideShare
Loading in...5
×
 

Network Forensics Puzzle Contest に挑戦 #1

on

  • 1,438 views

第8回「ネットワーク パケットを読む会(仮)」の「 Network Forensics Puzzle Contest に挑戦」での発表資料です。

第8回「ネットワーク パケットを読む会(仮)」の「 Network Forensics Puzzle Contest に挑戦」での発表資料です。

Statistics

Views

Total Views
1,438
Views on SlideShare
1,433
Embed Views
5

Actions

Likes
0
Downloads
9
Comments
0

1 Embed 5

https://twitter.com 5

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Network Forensics Puzzle Contest に挑戦 #1 Network Forensics Puzzle Contest に挑戦 #1 Presentation Transcript

  • Network Forensics PuzzleContest #1 を解析してみた 村地 彰 aka hebikuzure
  • Puzzle #1: Anns Bad AIM• 出題 http://forensicscontest.com/2009/09/25 /puzzle-1-anns-bad-aim• 対象ファイル http://philosecurity.org/558/contest_01 /evidence.pcap
  • NetworkMinor に喰わせてみた• NetworkMiner http://www.netresec.com/?page=Network Miner• [File] – [Open] で evidence.pcap を開くと…
  • ファイルが抽出されたよ
  • 抽出されたファイル
  • IM メッセージも見えるよ
  • 任務完了(^_^;)• NetworkMinor 最強っっっっっ!!!• という訳にはいかないですよね…….
  • 1. What is the name of Ann’s IM buddy?
  • 2. What was the first comment in the captured IM conversation?
  • 3. What is the name of the file Ann transferred?
  • 4. What is the magic number of the file you want to extract?
  • 5. What was the MD5sum of the file?
  • 6. What is the secret recipe?