PcapPoisoning

Challenge Description

After downloading the file, we realise that it is a pcap file, as the challenge name already suggests.

Using `strings`

Acquiring the flag using strings

We can run strings <file-name> | grep pico to get the flag immediately. Piping the output of the strings command through grep will allow us to filter out line(s) that contain the search term “pico”.

Alternatively, we can use Wireshark for packet analysis.

Using Wireshark

Using the display filter tcp contains "pico", we narrow our search to 1 packet that contains our flag.

Flag

picoCTF{P64P_4N4L7S1S_SU55355FUL_31010c46}

Writeups

Explorer

PcapPoisoning

Challenge Description

Using `strings`

Using Wireshark

Graph View

Table of Contents

Backlinks

Writeups

Explorer

PcapPoisoning

Challenge Description

Using strings

Using Wireshark

Graph View

Table of Contents

Backlinks

Using `strings`