This isn't what I had in mind, when I asked someone to capture a flag... can you help?
You should check out WireShark.
5 days ago
HINT => that file must be opened somehow with wireshark
6 days ago
it's really hard , if i didn't read the comments i wouldn't solve it
3 weeks ago
4 weeks ago
its not that difficult when you know what you searching for , its a "ENCODED" message , Regex will be your hero .
2 months ago
it's all solved with base64 (:
3 months ago
i love base64
4 months ago
Hint: Change the extension to .pcap (Wireshark extension)
2 years ago
1 year ago
strings capture.pcap | grep -i "GET /" and the rest is on you.
strings capture.pcap | grep -i "GET /"
Just don't overthink it its pretty much in plain sight. You just have to GET it right.
3 years ago
i just solved it with manual filter, but i have one question. how we know when filter to http or udp or tcp or etc? where's found this clue?
you should read some networking stuff
HTTP is the application level protocol, so this can contain the meaningful information for us. In contrast, TCP/UDP chunks that information and create packets which is not very meaningful. As in this case you're looking for a flag, it's only possible that application layer protocols will contain the whole information.
Thank you, this comment was really helpful!
Quite hard, but doable (but not easy, at least medium IMO)
Hint 3: VGhlIG1lc3NhZ2UgaXMgQmFzZTY0IGVuY29kZWQ=
thanks found it
Thanks for Base64 encoding your hints.