Write-up author: jon-brandy
Download the packet capture file and use packet analysis software to find the flag.
- Wireshark, if you can install and use it, is probably the most beginner friendly packet analysis software product.
- First, download the file given.
- The file extension is `.pcap`, and based on the hint, we can try using `wireshark`.
- Next, open `wireshark` on your Kali Linux machine, choose `open file`, and select the `network-dump.flag.pcap` file.
- Here is how it looks after you open the file.
- Now check packet number `4`.
- Look at the packet bytes pane below. Finally we got the flag!
p i c o C T F { p 4 c k 3 7 _ 5 h 4 r k _ 0 1 b 0 a 0 d 6 }
picoCTF{p4ck37_5h4rk_01b0a0d6}
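
The same search can be scripted instead of clicking through packets. The following is an added example, not part of the original write-up: it walks the records of a classic `.pcap` file and reports which packet number contains a flag-shaped string, tolerating the spaced-out form seen in the packet bytes above. The function names and the in-memory sample capture are constructed for illustration, and pcapng files are not handled.

```python
import re
import struct

# "picoCTF{...}" with an optional space between characters, since the packet
# bytes in this write-up show the flag spaced out. Body excludes '{' and '}'.
FLAG_RE = re.compile(rb"p ?i ?c ?o ?C ?T ?F ?\{[\x20-\x7a]{1,200}?\}")

LITTLE = (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1")  # usec / nsec magic
BIG = (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d")


def iter_packets(data):
    """Yield (packet_number, raw_bytes) from a classic libpcap file (not pcapng)."""
    if data[:4] in LITTLE:
        endian = "<"
    elif data[:4] in BIG:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    offset, number = 24, 0  # skip the 24-byte global header
    while offset + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack_from(endian + "IIII", data, offset)
        offset += 16
        if offset + incl_len > len(data):
            break  # truncated final record
        number += 1  # same 1-based numbering as Wireshark's "No." column
        yield number, data[offset:offset + incl_len]
        offset += incl_len


def find_flags(data):
    """Return [(packet_number, flag)] for every flag-shaped string in the capture."""
    return [(number, m.group().replace(b" ", b"").decode("ascii"))
            for number, raw in iter_packets(data)
            for m in FLAG_RE.finditer(raw)]


def build_sample_pcap(payloads):
    """Constructed test capture: records hold bare payload bytes, no real headers."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for p in payloads:
        out += struct.pack("<IIII", 0, 0, len(p), len(p)) + p
    return out


if __name__ == "__main__":
    spaced = b"p i c o C T F { p 4 c k 3 7 _ 5 h 4 r k _ 0 1 b 0 a 0 d 6 }"
    print(find_flags(build_sample_pcap([b"a", b"b", b"c", spaced])))
```

To run it against the real capture, pass the file contents to `find_flags`, for example `find_flags(open("network-dump.flag.pcap", "rb").read())`.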