|
|
|
|
|
|
by diegoprzl
3305 days ago
|
|
|
The last time I had read about this technique was in 2010. [1] Those slides are a very good explanation. Back then I thought about it as a way to either sniff confidential data from the downlink or as a way to have an anonymous internet connection provided your ISP doesn't filter spoofed ips. Very interesting to see it used in the wild and for a C&C. [1] http://www.blackhat.com/presentations/bh-dc-10/Nve_Leonardo/... |
|
|