Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
20 lines (11 sloc) 677 Bytes

Nebula level08


Call getflag from the flag08 account.


In this example, there is a .pcap file in the /home/flag08 directory. A quick Google shows that a .pcap file is a packet capture, so we need to figure out how to dump it.


To dump the file, we can run tcpflow -c -r capture.pcap. This shows us that the packets sent look like the following: backdoor...00Rm8.ate. Trying backdoor and backdoor...00Rm8.ate don't work as passwords. However, if you interpret the '.' as a backspace, you can see that the password is backd00Rmate. Now you can log into the flag08 account.