Hi folks,
Puzzle #5 is now closed! Thank you all for your entries. The answers and winners will be up soon. Stay tuned for Puzzle #6, which comes out next week…
May 15, 2010 at 2:59 am
Hi all,
When I began this puzzle, I tried to use my already existing pyhttpxtract. The thing is that it was not enough, and I had the idea of developing a modular tool in Python that would be generic enough to be reusable in all cases. It took me long and this project only begins… That’s why I haven’t participated in this puzzle. Feel free to review my tool though, available here: http://code.google.com/p/pyncapex/.
This tool is, in its initial version, a very simplified portage of Wireshark and only DNS rendering is currently implemented, but I am currently working on very useful evolutions such as file reconnaissance. I will then implement other protocols, such as SMTP, HTTP, …
Good luck to all of you… and see you very soon.
Cheers!
Sébastien DAMAYE
May 16, 2010 at 12:48 pm
@Sébastien DAMAYE
Really amazing web interface, I’m impressed.
Initially I was thinking of something similar but seeing data as flows instead of single packets, to work easier in protocol identification (layer 7) and in the file carving phase. But it was only an idea that finally I didn’t.
Ahhh, only one thing: testing your tool, in evidence files with ICMP packets (puzzle-4) the tool fails; maybe you need to filter out traffic that is neither TCP nor UDP.
Good luck!!!
May 27, 2010 at 12:22 pm
@ed
Thx for your support. I will have a look at this issue. Currently integrating new interesting funcs to the tool (e.g. port scan module) before I publish new version. It will be for sure a very convenient tool. Please use Google code’s interface to eventually put bugs or ideas. Thx
May 30, 2010 at 7:03 pm
Will the results be posted soon?