PcapPoisoning
Author: Mubarak Mikail | 100 points
Last updated
Author: Mubarak Mikail | 100 points
Last updated
How about some hide and seek heh?
Download this file and find the flag.
For this challenge we are given a pcap file and told to investigate it. Once we open the pcap file in Wireshark, we can see the majority of the data is from a root FTP login session.
After scrolling through the packet data we eventually come across a packet which contains the flag.
If the pcap was much larger, we could also have found the flag using the Find Packet (Ctrl+F) tool, specifying a search for packet bytes and using the string "pico" to search.
The flag found in the network traffic is picoCTF{P64P_4N4 L7S1S_SU55355FUL _31010c46}