Forensics – WebNet1

WebNet1 - 450pt


We found this packet capture and key. Recover the flag.


Try using a tool like Wireshark.
How can you decrypt the TLS stream?


Same process as WebNet0. Open the pcap file with Wireshark. This time a jpeg image is requested via HTTP (vulture.jpg). If you go in packet 91 and look at the reassembled ssl bytes you will find the flag hidden inside.


Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *