Author Topic: Wireshark Plugin for Mariposa Botnet Command and Control  (Read 2618 times)

0 Members and 1 Guest are viewing this topic.

October 28, 2009, 03:22:27 pm
Read 2618 times

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
http://www.paloaltonetworks.com/researchcenter/2009/10/mariposa-tool/

Quote
Yamata Li of the Palo Alto Networks Threat Research Team has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client and actually decrypt them within Wireshark.
Ruining the bad guy's day