brandall
Sorry for the delay. I haven't found it yet. I tried putting it on another hosting provider, but it didn't work. For anyone who wants to see what happens, here is a capture from before they deleted it on the hosting.
My address is 10.10.15.101 and the hosting's is 69.90.110.250. This part is vital:
Checksum: 0x7b84 [correct]
Hypertext Transfer Protocol
    GET /AWH.txt HTTP/1.1\r\n
        Request Method: GET
        Request URI: /AWH.txt
        Request Version: HTTP/1.1
    User-Agent: sicheats\r\n
    Host: sicheats.bravehost.com\r\n
This is the complete capture; if you want, I can send the cap file. Can injection be done with these packets?