← All Challenges

Suspicious Capture

Forensics 300 pts standard
Challenge Description

A network capture was found after a breach.

Flag format: HackCTF{...}

Files
↓ traffic.pcap
Hints
View Hint : Hints

Hint 1: Use Wireshark or tcpdump to open the file.

Hint 2: The "Story" mentions a breach. Most web traffic is either HTTP or HTTPS. Try filtering for http.

Hint 3: Look closely at the "Headers" of the request. Attackers often hide data in the User-Agent or Cookie fields.

Submit Flag

Login to submit a flag.