diff options
Diffstat (limited to 'tests/cfgs/default/result/websocket-chisel-ssh.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/websocket-chisel-ssh.pcap.out | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/tests/cfgs/default/result/websocket-chisel-ssh.pcap.out b/tests/cfgs/default/result/websocket-chisel-ssh.pcap.out index 87e1fd3ae..5062422e8 100644 --- a/tests/cfgs/default/result/websocket-chisel-ssh.pcap.out +++ b/tests/cfgs/default/result/websocket-chisel-ssh.pcap.out @@ -24,5 +24,7 @@ WebSocket 9 1243 2 Acceptable 9 1243 2 +Web 9 1243 2 + 1 TCP 172.18.82.242:41986 <-> 172.18.82.243:80 [proto: 7.251/HTTP.WebSocket][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][3 pkts/429 bytes <-> 4 pkts/477 bytes][Goodput ratio: 52/43][0.52 sec][Hostname/SNI: something1.tld][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 106/102 213/307 106/145][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/119 289/247 103/74][StatusCode: 101][Server: nginx][User-Agent: Go-http-client/1.1][Risk: ** Obfuscated Traffic **][Risk Score: 100][Risk Info: Obfuscated SSH-in-HTTP-WebSocket traffic][TCP Fingerprint: 2_64_65500_c9121a61c67d/Unknown][PLAIN TEXT (GET / H)][Plen Bins: 33,0,0,0,0,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 2 TCP 172.18.82.243:80 -> 172.18.82.242:51634 [proto: 7.251/HTTP.WebSocket][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.251/HTTP.WebSocket, Confidence: DPI][DPI packets: 2][cat: Web/5][2 pkts/337 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][< 1 sec][StatusCode: 101][Server: nginx][Risk: ** HTTP Susp User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 101 Switching Protocol)][Plen Bins: 50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |