https://blog.wireshark.org/tags/mariposa/ Recent content in mariposa on The Official Wireshark Blog Hugo -- gohugo.io en-us Wed, 28 Oct 2009 19:05:19 +0000 https://blog.wireshark.org/2009/10/using-wireshark-to-track-a-botnet/ Wed, 28 Oct 2009 19:05:19 +0000 https://blog.wireshark.org/2009/10/using-wireshark-to-track-a-botnet/ <p>Security researchers have written a Wireshark dissector that will decrypt the command and control protocol used by the Mariposa botnet. More information at <a href="http://www.paloaltonetworks.com/researchcenter/2009/10/mariposa-tool/">Palo Alto Networks</a> and <a href="http://defintel.blogspot.com/2009/10/mariposa-botnet-analysis.html">Defence Intelligence</a>.</p> <h2 id="comments">Comments <a href="#comments" class="anchor">🔗</a></h2><h3 id="comment-by-manonfire-on-2009-11-02-080548-0000">Comment by ManOnFire on 2009-11-02 08:05:48 +0000 <a href="#comment-by-manonfire-on-2009-11-02-080548-0000" class="anchor">🔗</a></h3><p>Anyone have a packet capture for mariposa C&amp;C? I would like to test the decryption plugin. Thanks!</p> <h3 id="comment-by-gerald-combs-on-2009-11-04-134755-0000">Comment by Gerald Combs on 2009-11-04 13:47:55 +0000 <a href="#comment-by-gerald-combs-on-2009-11-04-134755-0000" class="anchor">🔗</a></h3><p>You might try contacting Palo Alto Networks or Defence Intelligence. I don’t see any capture file downloads on either site.</p>