GryphonCTF_2016: Shark Web
Category: Web Points: 10 Description:
One of our admins was testing his secret web page in the organisation's internal network. A very skilled hacker listened to his packets.. Can you sniff his credentials from it..? Play at http://play.spgame.site:9995 Creator - Chen Qiurong (@pc84560895)
Write-up
This time around, we get a PCAP file. We can use a tool like WireShark. Opening the file and opening packet #4, you notice two fields user
and pass
. Could they be the credentials?
Entering the username IwannaWatch
and password SumMovies
into the page at http://play.spgame.site:9995/
, you get a page with the flag.
Therefore, the flag is GCTF{3ncryp7_y0ur_c0nn3c710n}
.