Suspicious Capture

Forensics 300 pts standard
Challenge Description

Story: A network capture was found after a breach.

What the player gets:

traffic.pcap

Task:

  • Filter HTTP traffic

  • Extract flag from payload

Skill: Wireshark basics

Difficulty: Medium

Hints

Hint 1: Use Wireshark or tcpdump to open the file.

Hint 2: The "Story" mentions a breach. Most web traffic is either HTTP or HTTPS. Try filtering for http.

Hint 3: Look closely at the "Headers" of the request. Attackers often hide data in the User-Agent or Cookie fields.
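
The workflow from Hints 1 to 3 as an added example (not part of the original challenge page): a standard-library Python reader for a classic pcap that lists the User-Agent and Cookie headers of each HTTP request. It assumes Ethernet/IPv4/TCP frames with the request headers in a single segment; http_request_headers and build_sample_pcap are names chosen here, and the sample capture is constructed, not taken from traffic.pcap.

```python
import struct

def http_request_headers(pcap, names=("user-agent", "cookie")):
    """Return (header, value) pairs from HTTP requests in a classic pcap
    (Ethernet/IPv4/TCP only, no TCP reassembly, no pcapng)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    found, off = [], 24                      # global header is 24 bytes
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # Need Ethernet + minimal IPv4 + minimal TCP, EtherType IPv4, protocol TCP
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = 14 + (frame[14] & 0x0F) * 4    # IPv4 header length comes from IHL
        if len(frame) < tcp + 20:
            continue
        ip_end = 14 + struct.unpack("!H", frame[16:18])[0]  # drops Ethernet padding
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:ip_end]
        lines = payload.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
        parts = lines[0].split(b" ")
        # A request line is "METHOD target HTTP/x.y"; responses start with HTTP/
        if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
            continue
        for line in lines[1:]:
            name, sep, value = line.partition(b":")
            key = name.strip().lower().decode("latin-1")
            if sep and key in names:
                found.append((key, value.strip().decode("latin-1")))
    return found

def build_sample_pcap():
    """Constructed sample capture: one request and one response."""
    def record(payload):
        eth = b"\x00" * 12 + b"\x08\x00"
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6,
                         0, bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9]))
        tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 1024, 0, 0)
        pkt = eth + ip + tcp + payload
        return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    req = (b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n"
           b"User-Agent: constructed-agent/1.0\r\n"
           b"Cookie: session=constructed-value\r\n\r\n")
    resp = b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + record(req) + record(resp)
```

To run it against a real capture, pass the file's bytes: http_request_headers(open("traffic.pcap", "rb").read()).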
