Dionaea simple analysis

Dionaea exploit analysis

For this analysis, we’ll using python3 that bundled with Dionaea:

Running command above will open a python console. Enter the code below line by line:

It will produce test.bin file in /tmp/ folder.

Now we analyze it and dump the output to another file:

You should see something like this:

As you can see, the malicious URL is hxxp://188.245.32.210:8147/kcfl

Reference : https://sourceforge.net/p/nepenthes/mailman/message/26862416/

Any Comments?

This site uses Akismet to reduce spam. Learn how your comment data is processed.