This isn't what I had in mind, when I asked someone to capture a flag... can you help?
You should check out WireShark.
1 day ago
any referential writeup or solution video available for this?
1 week ago
3 months ago
how do people know that it is base64?
2 months ago
If I read that question correctly, the answer is that you have '=' sign which is well-known for being base64 padding symbol.
strings capture.pcap | grep -i "GET /" and the rest is on you.
strings capture.pcap | grep -i "GET /"
4 months ago
Just don't overthink it its pretty much in plain sight. You just have to GET it right.
6 months ago
GET it right
A pretty hard one, but fun.
tip for general wireshark usage: statistics --> protocol hierarchy
1 year ago
i just solved it with manual filter, but i have one question. how we know when filter to http or udp or tcp or etc? where's found this clue?
you should read some networking stuff
11 months ago
HTTP is the application level protocol, so this can contain the meaningful information for us. In contrast, TCP/UDP chunks that information and create packets which is not very meaningful. As in this case you're looking for a flag, it's only possible that application layer protocols will contain the whole information.
7 months ago
Thank you, this comment was really helpful!
2 years ago
Quite hard, but doable (but not easy, at least medium IMO)
Hint 3: VGhlIG1lc3NhZ2UgaXMgQmFzZTY0IGVuY29kZWQ=
thanks found it
Thanks for Base64 encoding your hints.