Skip to content

01

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

01

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
write-ups
write-ups
 
 
network-challenge01.zip
network-challenge01.zip
 
 
readme.md
readme.md
 
 

readme.md

Write-ups for TCTT2022/Network/01

Flag pattern

TCTT2022{xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}

Challenge Files

network-challenge01

Solution

  1. First, Let open the pcap file with wireshark and analyze it with Statistics > Protocol Hierarchy.

wireshark_result_1

wireshark_result_2

  1. It look like there is a lot of FTP request, so export the FTP data with File > Export Objects > FTP-DATA.

wireshark_result_3

  1. We found secret.zip, so let save it.

wireshark_result_4

  1. Trying to unzip it, but it need a password.

wireshark_result_5

  1. Let crack it with fcrackzip and rockyou wordlist with this command.
fcrackzip -u -D -p <PATH-TO-WORDLIST> <PATH-TO-ZIP-FILE>

fcrackzip_result

As you can see, the password is password.

  1. We use previous password to unzip the zip file and we got secret.

secret_file

  1. We cat that file, and the result is tctt2022{Steal_Data_via_FTP}