Forum Discussion

retornet's avatar
retornet
Icon for Bronze II rankBronze II
3 days ago
Solved

CVE-2020-11651 (SaltStack RCE) – Defensive

Using the PCAP file located on the Desktop, what are the last five characters of the root_key that was sent to the attacker?

I am stuck with question number 5. Any Hint? I tried tcp.payload matches "_send_pub" and just tcp.port == 4506