Skip to content

Commit

Permalink
Updated README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
Luke Jennings committed Apr 17, 2017
1 parent 83d2ff9 commit 3443f50
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,3 +21,7 @@ root@kali:~# python detect_doublepulsar.py --ip 192.168.175.128
root@kali:~# python detect_doublepulsar.py --ip 192.168.175.128

[+] [192.168.175.128] DOUBLEPULSAR DETECTED!!!

This repository also contains three Snort signatures that can be used for detecting the use of the unimplemented SESSION_SETUP Trans2 command that the ping utility uses and different response cases. While we do not condone the reliance on signatures for effective attack detection, due to how easily they are bypassed, these rules are highly specific and should provide some detection capability against new threat groups reusing these exploits and implants without modification.

For more information on this thinking, see the following article - https://www.countercept.com/our-thinking/missioncontrolasaurus/

0 comments on commit 3443f50

Please sign in to comment.