aboutsummaryrefslogtreecommitdiff
path: root/tests/result/KakaoTalk_talk.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'tests/result/KakaoTalk_talk.pcap.out')
-rw-r--r--tests/result/KakaoTalk_talk.pcap.out40
1 files changed, 20 insertions, 20 deletions
diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out
index b399fd3e3..7ee9eed7c 100644
--- a/tests/result/KakaoTalk_talk.pcap.out
+++ b/tests/result/KakaoTalk_talk.pcap.out
@@ -13,23 +13,23 @@ JA3 Host Stats:
1 10.24.82.188 2
- 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][PLAIN TEXT (46yOXQ)]
- 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][PLAIN TEXT (46yOXQ)]
- 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
- 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
- 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
- 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes]
- 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes]
- 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com][PLAIN TEXT (POST http)]
- 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes]
- 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes]
- 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][PLAIN TEXT (xiaomi.com)]
- 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes]
- 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes]
- 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com][PLAIN TEXT (facebook)]
- 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes]
- 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes]
- 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes]
- 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes]
- 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes]
- 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes]
+ 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][pktlen c2s avg(stddev)/entropy: 5.0(140.5)/43.2][pktlen s2c avg(stddev)/entropy: 4.9(125.9)/33.1][bytes ratio: 0.06][PLAIN TEXT (46yOXQ)]
+ 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][pktlen c2s avg(stddev)/entropy: 4.9(125.9)/33.1][pktlen s2c avg(stddev)/entropy: 5.0(141.0)/43.4][bytes ratio: -0.05][PLAIN TEXT (46yOXQ)]
+ 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][pktlen c2s avg(stddev)/entropy: 3.8(242.1)/253.9][pktlen s2c avg(stddev)/entropy: 3.6(289.6)/276.1][bytes ratio: 0.01][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
+ 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][pktlen c2s avg(stddev)/entropy: 4.1(190.4)/164.3][pktlen s2c avg(stddev)/entropy: 3.9(260.4)/240.9][bytes ratio: -0.13][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
+ 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][pktlen c2s avg(stddev)/entropy: 3.2(195.5)/228.1][pktlen s2c avg(stddev)/entropy: 3.7(78.0)/34.6][bytes ratio: 0.46][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
+ 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][pktlen c2s avg(stddev)/entropy: 3.6(141.0)/6.1][pktlen s2c avg(stddev)/entropy: 3.3(142.0)/0.0][bytes ratio: 0.09]
+ 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][pktlen c2s avg(stddev)/entropy: 3.5(140.2)/5.7][pktlen s2c avg(stddev)/entropy: 3.5(140.2)/5.7][bytes ratio: 0.00]
+ 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 2.1(139.6)/198.8][pktlen s2c avg(stddev)/entropy: 2.5(87.1)/71.4][bytes ratio: 0.29][PLAIN TEXT (POST http)]
+ 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][pktlen c2s avg(stddev)/entropy: 2.5(90.5)/24.3][pktlen s2c avg(stddev)/entropy: 1.9(189.0)/164.1][bytes ratio: -0.27]
+ 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes][pktlen c2s avg(stddev)/entropy: 1.2(348.0)/206.5][pktlen s2c avg(stddev)/entropy: 0.9(77.0)/21.0][bytes ratio: 0.74]
+ 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][pktlen c2s avg(stddev)/entropy: 0.9(112.5)/44.5][pktlen s2c avg(stddev)/entropy: 1.0(85.5)/17.5][bytes ratio: 0.14][PLAIN TEXT (xiaomi.com)]
+ 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes][pktlen c2s avg(stddev)/entropy: 1.6(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(56.0)/0.0][bytes ratio: 0.20]
+ 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(118.0)/0.0][bytes ratio: -0.20][PLAIN TEXT (facebook)]
+ 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(164.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(62.0)/6.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(83.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
Powered by cgit, Themed by Ted Yin.