NETWORK ANALYSIS
DANIEL BERAVI
2012
Network
Table of Contents
What is this?
Security Toolset
Approach & Solution
The Pattern of the Attack
Vulnerability Exploitation
Encrypted ZIP
Appendices
Appendix A
Appendix B
Appendix C
Appendix D
Appendix E
What is this?
This is a presentation and job application to the Swedish Radio Defense Establishment. It contains an
analysis of the third public challenge, previously available on their website.
Security Toolset
Operating System: Windows 7 Professional
Protocol Analyzer A: Wireshark 1.6.8
Protocol Analyzer B: NetworkMiner 1.4.1
Zip Cracker: AccessData PRTK 6.6.1*
Java Decompiler: JD-GUI 0.3.5
*A legal license provided by CS2Lab at Stockholm University was used.
Vulnerability Exploitation
I found the Happy Applet. Happy Applet exploits the browser security if it is executed. In this case, a
shell script described later was executed. By decompiling the shell exploit, I also found the commands used.
It is shown in Appendix E, and it is:
http://schierlm.users.sourceforge.net/CVE-2011-3544.html
http://www.metasploit.com/modules/exploit/multi/browser/java_rhino
Encrypted ZIP
I exported the ZIP archive (FRAME 5422) from Wireshark to my desktop and loaded it into PRTK. It was
cracked in a few seconds, and the output (Appendix D) was FRA. The unencrypted PDF had the following
text:
Congratulations!
Send your CV to us and, in the cover letter, describe your approach and explain what is happening
in the network traffic.
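A triage check for an archive carved out of a capture, as in the Encrypted ZIP step above (an added example, not part of the original report): it walks the ZIP local file headers and reports which protection scheme each entry declares. The sample archive bytes and the file names in it are constructed for illustration and are not taken from the challenge capture.

```python
import struct

# ZIP local file header: signature, version, flags, method, time, date,
# crc32, compressed size, uncompressed size, name length, extra length.
LFH = struct.Struct("<IHHHHHIIIHH")
LFH_SIG = 0x04034B50  # b"PK\x03\x04"

def classify(flags, method):
    """Map general-purpose flags and method to the declared protection."""
    if not flags & 0x0001:          # bit 0: entry is encrypted
        return "none"
    if method == 99:                # method 99: WinZip AES (AE-1/AE-2)
        return "WinZip AES"
    if flags & 0x0040:              # bit 6: PKWARE strong encryption
        return "PKWARE strong encryption"
    return "traditional PKWARE (ZipCrypto)"

def triage_zip(blob):
    """Walk the local file headers and return [(name, protection), ...]."""
    found, pos = [], 0
    while pos + LFH.size <= len(blob):
        (sig, _ver, flags, method, _t, _d, _crc,
         csize, _usize, nlen, xlen) = LFH.unpack_from(blob, pos)
        if sig != LFH_SIG:          # central directory or junk: stop
            break
        start = pos + LFH.size
        name = blob[start:start + nlen].decode("cp437", "replace")
        found.append((name, classify(flags, method)))
        if flags & 0x0008:          # sizes live in a trailing data descriptor
            break                   # cannot skip reliably from this header
        pos = start + nlen + xlen + csize
    return found

def _entry(name, flags, method, data):
    """Build one constructed local-header record for the sample below."""
    raw = name.encode("cp437")
    head = LFH.pack(LFH_SIG, 20, flags, method, 0, 0, 0,
                    len(data), len(data), len(raw), 0)
    return head + raw + data

# Constructed sample: names and payload bytes are made up for illustration.
SAMPLE = (_entry("readme.txt", 0x0000, 0, b"hello")
          + _entry("message.pdf", 0x0001, 8, bytes(12) + b"\x00" * 20)
          + _entry("notes.doc", 0x0001, 99, b"\x00" * 16))

if __name__ == "__main__":
    for name, protection in triage_zip(SAMPLE):
        print(f"{name}: {protection}")
```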
Appendices
Appendix A
Appendix B
Appendix C
Appendix D
Appendix E