-
-
Notifications
You must be signed in to change notification settings - Fork 628
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #719 from p-l-/update-doc
Doc: add passive screencasts
- Loading branch information
Showing
21 changed files
with
654 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,293 @@ | ||
{"version": 2, "width": 80, "height": 24} | ||
[0.0, "o", "\u001b]0;user@computer:~\u0007"] | ||
[0.000223, "o", "[user@computer ~]$ "] | ||
[0.542955, "o", "\u001b[H\u001b[2J[user@computer ~]$ "] | ||
[1.426468, "o", "i"] | ||
[1.492759, "o", "v"] | ||
[1.526064, "o", "r"] | ||
[1.657435, "o", "e"] | ||
[1.752184, "o", " "] | ||
[2.049456, "o", "i"] | ||
[2.129476, "o", "p"] | ||
[2.228762, "o", "i"] | ||
[2.447298, "o", "n"] | ||
[2.542869, "o", "f"] | ||
[2.674807, "o", "o"] | ||
[2.74675, "o", " "] | ||
[3.010423, "o", "-"] | ||
[3.133609, "o", "-"] | ||
[3.379294, "o", "i"] | ||
[3.470356, "o", "n"] | ||
[3.529608, "o", "i"] | ||
[3.578696, "o", "t"] | ||
[3.841429, "o", "\r\n"] | ||
[4.039991, "o", "This will remove any passive information in your database. Process ? [y/N] "] | ||
[4.944845, "o", "y"] | ||
[5.018116, "o", "\r\n"] | ||
[6.058713, "o", "\u001b]0;user@computer:~\u0007"] | ||
[6.058857, "o", "[user@computer ~]$ "] | ||
[6.728566, "o", "s"] | ||
[6.796621, "o", "u"] | ||
[6.887644, "o", "d"] | ||
[6.976196, "o", "o"] | ||
[7.057383, "o", " "] | ||
[7.342606, "o", "b"] | ||
[7.420462, "o", "r"] | ||
[7.568824, "o", "o"] | ||
[7.678638, "o", " "] | ||
[7.944689, "o", "-"] | ||
[8.130472, "o", "C"] | ||
[8.250252, "o", " "] | ||
[8.49038, "o", "-"] | ||
[8.683115, "o", "i"] | ||
[8.845401, "o", " "] | ||
[8.96053, "o", "w"] | ||
[9.061084, "o", "l"] | ||
[9.105194, "o", "p"] | ||
[9.300134, "o", "2"] | ||
[9.524755, "o", "s"] | ||
[9.807491, "o", "0"] | ||
[10.334089, "o", " "] | ||
[11.018122, "o", "-"] | ||
[11.239863, "o", "b"] | ||
[11.389048, "o", " "] | ||
[11.814703, "o", "/"] | ||
[12.107273, "o", "u"] | ||
[12.218431, "o", "s"] | ||
[12.408827, "o", "r/"] | ||
[12.998995, "o", "s"] | ||
[13.149205, "o", "h"] | ||
[13.386776, "o", "are/"] | ||
[13.804756, "o", "i"] | ||
[13.865982, "o", "v"] | ||
[14.081779, "o", "re/"] | ||
[14.381052, "o", "b"] | ||
[14.495498, "o", "r"] | ||
[14.737983, "o", "o/"] | ||
[15.183643, "o", "i"] | ||
[15.258688, "o", "v"] | ||
[15.442857, "o", "re/"] | ||
[15.677432, "o", "p"] | ||
[15.742983, "o", "a"] | ||
[15.799055, "o", "s"] | ||
[15.939976, "o", "siverecon/ \r"] | ||
[16.753703, "o", "b"] | ||
[16.872512, "o", "are.bro "] | ||
[17.558287, "o", "|"] | ||
[17.705867, "o", " "] | ||
[18.305892, "o", "i"] | ||
[18.407401, "o", "v"] | ||
[18.460252, "o", "r"] | ||
[18.592224, "o", "e"] | ||
[18.673809, "o", " "] | ||
[18.888218, "o", "p"] | ||
[18.919069, "o", "a"] | ||
[18.963735, "o", "s"] | ||
[19.062783, "o", "s"] | ||
[19.224181, "o", "i"] | ||
[19.329898, "o", "v"] | ||
[19.375646, "o", "e"] | ||
[19.594393, "o", "r"] | ||
[19.655171, "o", "e"] | ||
[19.888717, "o", "c"] | ||
[19.976357, "o", "o"] | ||
[20.046557, "o", "n"] | ||
[20.332805, "o", "2"] | ||
[20.555543, "o", "d"] | ||
[20.667706, "o", "b"] | ||
[20.823046, "o", " "] | ||
[21.230163, "o", "-"] | ||
[21.38097, "o", "s"] | ||
[21.636177, "o", " "] | ||
[21.943964, "o", "W"] | ||
[22.072369, "o", "I"] | ||
[22.212284, "o", "F"] | ||
[22.346647, "o", "I"] | ||
[22.651294, "o", " "] | ||
[22.733727, "o", "&"] | ||
[22.986807, "o", "\r\n"] | ||
[22.987329, "o", "[1] 8419\r\n"] | ||
[22.987797, "o", "\u001b]0;user@computer:~\u0007[user@computer ~]$ "] | ||
[23.428793, "o", "listening on wlp2s0\r\n\r\n"] | ||
[24.425397, "o", "\r\n"] | ||
[24.425926, "o", "\u001b]0;user@computer:~\u0007"] | ||
[24.426036, "o", "[user@computer ~]$ "] | ||
[25.000507, "o", "h"] | ||
[25.058418, "o", "o"] | ||
[25.140025, "o", "s"] | ||
[25.273898, "o", "t"] | ||
[25.365161, "o", " "] | ||
[25.572454, "o", "i"] | ||
[25.611969, "o", "v"] | ||
[25.659019, "o", "r"] | ||
[25.793093, "o", "e"] | ||
[25.947846, "o", "."] | ||
[26.874793, "o", "r"] | ||
[27.037748, "o", "o"] | ||
[27.127246, "o", "c"] | ||
[27.236263, "o", "k"] | ||
[27.343584, "o", "s"] | ||
[27.64435, "o", "\r\n"] | ||
[27.66362, "o", "ivre.rocks has address 5.135.166.161\r\n"] | ||
[27.679654, "o", "ivre.rocks mail is handled by 10 spool.mail.gandi.net.\r\nivre.rocks mail is handled by 50 fb.mail.gandi.net.\r\n"] | ||
[27.681062, "o", "\u001b]0;user@computer:~\u0007"] | ||
[27.681203, "o", "[user@computer ~]$ "] | ||
[28.89737, "o", "c"] | ||
[28.97063, "o", "u"] | ||
[29.060973, "o", "r"] | ||
[29.180577, "o", "l"] | ||
[29.296773, "o", " "] | ||
[29.481934, "o", "-"] | ||
[29.788195, "o", "L"] | ||
[29.978556, "o", " "] | ||
[30.335829, "o", "h"] | ||
[30.413676, "o", "t"] | ||
[30.528722, "o", "t"] | ||
[30.587894, "o", "p"] | ||
[30.769066, "o", ":"] | ||
[30.965507, "o", "/"] | ||
[31.087386, "o", "/"] | ||
[31.342018, "o", "i"] | ||
[31.398093, "o", "v"] | ||
[31.452928, "o", "r"] | ||
[31.571276, "o", "e"] | ||
[31.765684, "o", "."] | ||
[31.938236, "o", "r"] | ||
[32.059642, "o", "o"] | ||
[32.136592, "o", "c"] | ||
[32.985125, "o", "k"] | ||
[33.048511, "o", "s"] | ||
[33.561121, "o", "/"] | ||
[33.894361, "o", " "] | ||
[34.063343, "o", ">"] | ||
[34.106146, "o", " "] | ||
[34.445825, "o", "/"] | ||
[34.539082, "o", "d"] | ||
[34.576615, "o", "e"] | ||
[34.759534, "o", "v"] | ||
[34.911773, "o", "/"] | ||
[35.12038, "o", "n"] | ||
[35.184223, "o", "u"] | ||
[35.395908, "o", "l"] | ||
[35.512004, "o", "l"] | ||
[36.08062, "o", "\r\n"] | ||
[36.085057, "o", " % Total % Re"] | ||
[36.085775, "o", "ceived % Xferd Average Speed Time Time Time Current\r\n Dload Upload Total Spent Left Speed\r\n\r 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0"] | ||
[36.112172, "o", "\r100 178 100 178 0 0 659"] | ||
[36.112302, "o", "2 0 --:--:-- --:--:-- --:--:-- 6592\r\n"] | ||
[36.218685, "o", "\r100 25072 100 25072 0 0 "] | ||
[36.218852, "o", " 184k 0 --:--:-- --:--:-- --:--:-- 184k\r\n"] | ||
[36.220937, "o", "\u001b]0;user@computer:~\u0007"] | ||
[36.22108, "o", "[user@computer ~]$ "] | ||
[37.195864, "o", "f"] | ||
[37.23338, "o", "g"] | ||
[37.435227, "o", "\r\n"] | ||
[37.435328, "o", "sudo bro -C -i wlp2s0 -b /usr/share/ivre/bro/ivre/passiverecon/bare.bro | ivre passiverecon2db -s WIFI\r\n"] | ||
[38.384751, "o", "^C"] | ||
[38.385226, "o", "1562353406.793166 received termination signal\r\n1562353406.793166 155 packets received on interface wlp2s0, 0 dropped\r\n"] | ||
[41.776905, "o", "\u001b]0;user@computer:~\u0007"] | ||
[41.77702, "o", "[user@computer ~]$ "] | ||
[42.362434, "o", "\u001b[H\u001b[2J[user@computer ~]$ "] | ||
[42.711153, "o", "i"] | ||
[42.780162, "o", "v"] | ||
[42.828038, "o", "r"] | ||
[42.955366, "o", "e"] | ||
[43.032155, "o", " "] | ||
[43.319668, "o", "i"] | ||
[43.393954, "o", "p"] | ||
[43.500147, "o", "i"] | ||
[44.306077, "o", "n"] | ||
[44.392362, "o", "f"] | ||
[44.510192, "o", "o"] | ||
[44.596798, "o", " "] | ||
[46.166664, "o", "1"] | ||
[46.249601, "o", "9"] | ||
[46.323971, "o", "2"] | ||
[46.448813, "o", "."] | ||
[46.573578, "o", "1"] | ||
[47.834176, "o", "6"] | ||
[47.89559, "o", "8"] | ||
[48.22922, "o", "."] | ||
[48.496834, "o", "0"] | ||
[48.653954, "o", "."] | ||
[48.772941, "o", "0"] | ||
[48.976135, "o", "/"] | ||
[49.499161, "o", "2"] | ||
[49.558127, "o", "4"] | ||
[49.979599, "o", " "] | ||
[50.31059, "o", "|"] | ||
[50.411573, "o", " "] | ||
[50.636597, "o", "l"] | ||
[50.713615, "o", "e"] | ||
[50.86064, "o", "s"] | ||
[50.95818, "o", "s"] | ||
[51.081504, "o", " "] | ||
[51.288748, "o", "-"] | ||
[51.366148, "o", "S"] | ||
[51.593009, "o", "\r\n"] | ||
[51.595451, "o", "\u001b[?1049h\u001b[22;0;0t\u001b[?1h\u001b=\r"] | ||
[51.924173, "o", "192.168.0.11\r\n HTTP_CLIENT_HEADER USER-AGENT curl/7.65.1 (1 time) 2019-07-05 21:03:24\u001b[7m>\u001b[27m\r\n SSL_CLIENT ja3 f436b9416f37d134cadd04886327d3e8 (1 time) 2019-07-05 21\u001b[7m>\u001b[27m\r\n sha1: bd41bd5b017cb69e58ed5ae4f653b1109350e5b6\r\n sha256: 8873f80e029eacd93b45cd4f4f376c6ee85cc5efc670b317f67716\u001b[7m>\u001b[27m\r\n raw: 771,4866-4867-4865-49196-49200-159-52393-52392-52394-4919\u001b[7m>\u001b[27m\r\n"] | ||
[52.418122, "o", "\u001b[7m(END)\u001b[27m\u001b[K"] | ||
[54.750132, "o", "\r\u001b[K\u001b[?1l\u001b>\u001b[?1049l\u001b[23;0;0t"] | ||
[54.75066, "o", "\u001b]0;user@computer:~\u0007[user@computer ~]$ "] | ||
[55.156262, "o", "i"] | ||
[55.226965, "o", "v"] | ||
[55.260912, "o", "r"] | ||
[55.392093, "o", "e"] | ||
[55.464556, "o", " "] | ||
[55.715778, "o", "i"] | ||
[55.795296, "o", "p"] | ||
[56.374659, "o", "h"] | ||
[56.454579, "o", "o"] | ||
[56.55273, "o", "s"] | ||
[56.684879, "o", "t"] | ||
[56.785833, "o", " "] | ||
[57.360733, "o", "i"] | ||
[57.448605, "o", "v"] | ||
[57.47769, "o", "r"] | ||
[57.626556, "o", "e"] | ||
[57.786111, "o", "."] | ||
[57.942751, "o", "r"] | ||
[58.036666, "o", "o"] | ||
[58.134704, "o", "c"] | ||
[58.238656, "o", "k"] | ||
[58.313606, "o", "s"] | ||
[58.554463, "o", "\r\n"] | ||
[58.766788, "o", "ivre.rocks A 5.135.166.161 (89.2.0.1:53, 1 time, 2019-07-05 21:03:16.063000 - 2019-07-05 21:03:16.063000)\r\n"] | ||
[58.766899, "o", "ivre.rocks MX spool.mail.gandi.net (89.2.0.1:53, 1 time, 2019-07-05 21:03:16.080000 - 2019-07-05 21:03:16.080000)\r\nivre.rocks MX fb.mail.gandi.net (89.2.0.1:53, 1 time, 2019-07-05 21:03:16.080000 - 2019-07-05 21:03:16.080000)\r\n"] | ||
[59.290849, "o", "\u001b]0;user@computer:~\u0007"] | ||
[59.291017, "o", "[user@computer ~]$ "] | ||
[60.802733, "o", "i"] | ||
[60.856556, "o", "v"] | ||
[60.905849, "o", "r"] | ||
[61.024079, "o", "e"] | ||
[61.111392, "o", " "] | ||
[61.366682, "o", "i"] | ||
[61.459323, "o", "p"] | ||
[61.554923, "o", "i"] | ||
[61.758187, "o", "n"] | ||
[61.94396, "o", "f"] | ||
[62.092992, "o", "o"] | ||
[62.186783, "o", " "] | ||
[65.515674, "o", "5.135.166.161"] | ||
[65.995779, "o", " "] | ||
[67.040086, "o", "|"] | ||
[67.167227, "o", " "] | ||
[67.371561, "o", "l"] | ||
[67.415375, "o", "e"] | ||
[67.571978, "o", "s"] | ||
[67.688084, "o", "s"] | ||
[67.737027, "o", " "] | ||
[67.953979, "o", "-"] | ||
[68.052582, "o", "S"] | ||
[68.352154, "o", "\r\n"] | ||
[68.354249, "o", "\u001b[?1049h\u001b[22;0;0t\u001b[?1h\u001b=\r"] | ||
[68.5836, "o", "5.135.166.161\r\n FR [France] \r\n AS16276 [OVH SAS] \r\n DNS_ANSWER A-89.2.0.1-53 ivre.rocks (1 time) 2019-07-05 21:03:16 - 201\u001b[7m>\u001b[27m\r\n domain: ['ivre.rocks', 'rocks']\r\n 80 HTTP_CLIENT_HEADER_SERVER HOST ivre.rocks (1 time) 2019-07-05 21:03\u001b[7m>\u001b[27m\r\n 80 HTTP_SERVER_HEADER SERVER nginx (1 time) 2019-07-05 21:03:24 - 2019\u001b[7m>\u001b[27m\r\n service_name: http\r\n service_product: nginx\r\n 443 SSL_SERVER cert 0..]0..E........4.....9pLO..'....0...*.H........0J\u001b[7m>\u001b[27m\r\n md5: 5e1806f4d6071ccd408ff4858b63c3cd\r\n sha1: 1e9d23ebf837cf331494fc29616abf48f7b0dafe\r\n sha256: d64e7e81a59efe89229b90d8c37ddcb3ae8f2683c1e48bd5e7301a\u001b[7m>\u001b[27m\r\n issuer: {'countryName': 'US', 'organizationName': \"Let's Encry\u001b[7m>\u001b[27m\r\n issuer_text: countryName=US/organizationName=Let's Encrypt/com\u001b[7m>\u001b[27m\r\n subject: {'commonName': 'ivre.rocks'}\r\n "] | ||
[68.583739, "o", " subject_text: commonName=ivre.rocks\r\n pubkeyalgo: rsaEncryption\r\n san: ['DNS:ivre.rocks', 'DNS:www.ivre.rocks']\r\n 443 SSL_SERVER ja3-f436b9416f37d134cadd04886327d3e8 c7a16ad7c1155ce6d7\u001b[7m>\u001b[27m\r\n sha1: cf855106feb336118cb5383172d36a3f54e69e80\r\n sha256: 699e9de9a3ac8f99bdcea41f239f7350ec7f6654aea9e79d24dcee\u001b[7m>\u001b[27m\r\n raw: 771,52392,65281-11-23-16\r\n:\u001b[K"] | ||
[71.912291, "o", "\r\u001b[K \u001b[KESC\b\b\bESC\u001b[K[\b[\u001b[K6\b6\u001b[K~\b~\r\u001b[K"] | ||
[71.912402, "o", " client: {'raw': '771,4866-4867-4865-49196-49200-159-52393-5239\u001b[7m>\u001b[27m\r\n\u001b[7m(END)\u001b[27m\u001b[K"] | ||
[73.563447, "o", "\r\u001b[K \u001b[KESC\b\b\bESC\u001b[K[\b[\u001b[K5\b5"] | ||
[73.563554, "o", "\u001b[K~\b~\r\u001b[K\u001b[H\u001bM5.135.166.161\r\n\u001b[24;1H\r\u001b[K:\u001b[K"] | ||
[74.893357, "o", "\r\u001b[K\u001b[?1l\u001b>\u001b[?1049l\u001b[23;0;0t"] | ||
[74.893966, "o", "\u001b]0;user@computer:~\u0007[user@computer ~]$ "] | ||
[76.45485, "o", "exit\r\n"] |
Oops, something went wrong.