Guildenstern has asked for the wisdom of the Perl Monks concerning the following question:
I am testing a product, and am trying to determine how secure the remote administration tool is. I have captured many packets while performing normal admin type tasks. I have this information in a text file, with only the data sections of each packet present. (From the UDP checksum to the end of the packet.)
What I want to do is write a script that will check outgoing and incoming packets for repetitions of patterns, since there is supposed to be a "magic number" embedded in the packet to identify it as coming from the correct application, and to see how well encrypted the password is (username is sent cleartext!). What would be a good way to go about finding the largest sequence of bytes that shows up in the largest number of packets?
I've hacked quite a few scripts in my day, but they were pretty simple. I have a feeling that if I go at this without a little direction the results could be particularly ugly. Any suggestions (hashes, regexp, invocation of minor deities) are welcome.
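
One way to approach the search described in the question, as an added example that is not part of the original post: for each run length, count how many distinct packets contain each byte run, and keep the longest run that still appears in at least a chosen number of packets. The sample payloads, the `coverage` and `longest_shared_run` names and the threshold of 4 are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample payloads (hex, one packet per entry); not real captures.
my @hex = (
    'a1b2deadbeef0001757365723d626f62',
    '17deadbeef000299c0ffee',
    'deadbeef00030102030405',
    '5555deadbeef0004ffff',
    '0102030405060708',    # unrelated packet
);
my @packets = map { pack 'H*', $_ } @hex;

# For one length $n, count how many distinct packets contain each $n-byte run.
sub coverage {
    my ($n, $pkts) = @_;
    my %count;
    for my $p (@$pkts) {
        my %seen;    # a run counts once per packet, however often it repeats
        for my $i (0 .. length($p) - $n) {
            $seen{ substr $p, $i, $n } = 1;
        }
        $count{$_}++ for keys %seen;
    }
    return \%count;
}

# Longest run present in at least $min packets. If a run of length n meets
# the threshold, so do its shorter sub-runs, so we can grow n until nothing
# qualifies. Ties are broken by coverage, then by byte order.
sub longest_shared_run {
    my ($pkts, $min) = @_;
    my ($best, $hits) = ('', 0);
    for (my $n = 1; ; $n++) {
        my $c  = coverage($n, $pkts);
        my @ok = sort { $c->{$b} <=> $c->{$a} or $a cmp $b }
                 grep { $c->{$_} >= $min } keys %$c;
        last unless @ok;    # no run of this length is shared widely enough
        ($best, $hits) = ($ok[0], $c->{ $ok[0] });
    }
    return ($best, $hits);
}

my ($run, $hits) = longest_shared_run(\@packets, 4);
printf "%s in %d of %d packets\n", unpack('H*', $run), $hits, scalar @packets;
```

Lowering the threshold trades coverage for length, so running it at several thresholds shows which runs are fixed across all traffic and which only recur in some packets.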