Welcome! #
- LetsDefend is a Blue Team Training platform.
- This writeup is a challenge on LetsDefend.
Challenge Details: #
- Role targeted: Security Analyst
- Skill Level: Easy
Description: #
You must to find details of shellshock attacks
Log file: /root/Desktop/ChallengeFile/shellshock.pcap
Note: pcap file found public resources.
Lab Start: #
Wireshark: #
We only need to do one thing to find the answers: Right-click the HTTP packet, then follow the HTTP Stream.
What is the server operating system? #
- Found in the “Server: " in the server’s response.
Ubuntu
What is the application server and version running on the target system? #
- Once again found in “Server: “.
Apache/2.2.22
What is the exact command that the attacker wants to run on the target server? #
- Found in the attacker’s “User-Agent: " after the shellshock.
/bin/ping -c1 10.246.50.2
