"Yamata Li of the Palo Alto Networks Threat Research Team has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client and actually decrypt them within Wireshark."
http://www.paloaltonetworks.com/researchcenter/2009/10/mariposa-tool/
Thanks Yamata, the time and effort you have put into this plug-in is much appreciated.
B.Kilrea
Threat Analyst
No comments:
Post a Comment