Security researchers have written a Wireshark dissector that will decrypt the command and control protocol used by the Mariposa botnet. More information at Palo Alto Networks and Defence Intelligence.
Security researchers have written a Wireshark dissector that will decrypt the command and control protocol used by the Mariposa botnet. More information at Palo Alto Networks and Defence Intelligence.
Anyone have a packet capture for mariposa C&C? I would like to test the decryption plugin. Thanks!
You might try contacting Palo Alto Networks or Defence Intelligence. I don’t see any capture file downloads on either site.