Wireshark doo dooo do doo...
Last updated
Was this helpful?
Last updated
Was this helpful?
Can you find the flag? shark1.pcapng.
Open the file in wireshark and type in tcp.stream eq 5
to get the 5th TCP stream.
Right click any entry, click follow, and then click "TCP Stream."
The flag will now be shown, but it is encoded: Gur synt vf cvpbPGS{c33xno00_1_f33_h_qrnqorrs}
We can decode the flag by passing it through ROT13 since this is a basic Caesar's cipher. You can decode ROT13 using , for instance.
picoCTF{p33kab00_1_s33_u_deadbeef}