#7 [PATCH:] Download possibility for payload

BASE
closed-accepted
Kevin Johnson
None
8
2005-08-17
2005-07-31
Anonymous
No

Hello,

I have written a small patch over the weekend that enables the BASE user to download or save the payload displayed by BASE (in hex code and in ASCII code).

The pure payload in its binary form can be downloaded.

This is useful for further investigating the packets, because not everything can be handled by "Follow tcpstream" in Ethereal or by tcpflow or nstreams.

The patch consists of two files:

base_qry_alert.php.diff
base_payload.php

I have done some first testing on a Linux platform with snort-2.4.0, base-1.1.3 and with MySQL encoding both in hex mode and in base64 mode.

Bye, bye

Juergen Leising

Discussion

  • tar.gz consists of a diff -Nur against base_qry_alert.php from base-1.1.3, and of a new file base_payload.php

     
  • Kevin Johnson
    2005-08-16

    • milestone: --> BASE
    • priority: 5 --> 8
    • assigned_to: nobody --> secureideas
    • status: open --> open-accepted
     
  • Kevin Johnson
    2005-08-16

    Logged In: YES
    user_id=836228

    I will be checking this into CVS tonight.... Thanks, this is a
    very interesting idea.

    Kevin

     
  • Kevin Johnson
    2005-08-17

    Logged In: YES
    user_id=836228

    This is checked in.... and we will be testing it...

    Kevin

     
  • Kevin Johnson
    2005-08-17

    • status: open-accepted --> closed-accepted