Wireshark-users: [Wireshark-users] Reassembling TCP for a netcat session
From: Atomikramp <atomikramp@xxxxxxxx>
Date: Wed, 9 Jun 2010 16:33:36 +0200
Hello everyone,
i have a question for you :), do you know if there is a way, using wireshark, to reassemble PDUs from a netcat session?
becouse i have lots of packets containing a "data" payload that are all part of the same stream, and i would like to extract and reassemble that payload for further analysis.
it's an exe file transfered using netcat (actually a reverse connection from metasploit framework stager), and i'm looking for advices on how to dump that file from the pcap.
Thanks in advice.
----
Caselle da 1GB, trasmetti allegati fino a 3GB e in piu' IMAP, POP3 e SMTP autenticato? GRATIS solo con Email.it
Sponsor:
Cerchi un jeans alla moda a meno di 20 Euro? Visita Piazzaitalia.it e scopri tutta la collezione primavera-estate 2010
Clicca qui
Caselle da 1GB, trasmetti allegati fino a 3GB e in piu' IMAP, POP3 e SMTP autenticato? GRATIS solo con Email.it
Sponsor:
Cerchi un jeans alla moda a meno di 20 Euro? Visita Piazzaitalia.it e scopri tutta la collezione primavera-estate 2010
Clicca qui
- Prev by Date: Re: [Wireshark-users] Help regarding how wireshark converts www passwords in http header in plain text .!!!
- Next by Date: [Wireshark-users] Wireshark 1.0.14 is now available
- Previous by thread: Re: [Wireshark-users] Help regarding how wireshark converts www passwords in http header in plain text .!!!
- Next by thread: [Wireshark-users] Wireshark 1.0.14 is now available
- Index(es):