Wednesday, May 29, 2013

CodeGate Qualifiers CTF 2011 : Network - 100 Points

CodeGate Qualifiers CTF 2011 : Network - 100 Points

Hints given to us:
I didn't write down the exact hints for this but i remember vividly that the answer will be in the form of MD5 hash of a file.

This is the original file:
File:117A1160EC201EB79D2331A3E3C2979D.zip

Recommended Tools:
Linux's "file" & "md5sum" commands
Wireshark (http://www.wireshark.org/) - For sniffing and analysing traffic.

Identifying the File:
Using Linux's file command, we have identified this file as a pcap file. That makes sense since it is in the Network category. :P
Ok, now let's fire up our Wireshark and take a look at the pcapfile.
Since we are given a clue of finding the MD5 hash of a file.
Let's check out all the files in this given pcap file.

First we click File -> Export -> Objects -> HTTP



Geez....a lot of files in there. Finally, we notice there is a H1A1.exe file
Let's click on that and "SaveAs".

Final Solution:
Now let's use "md5sum" on the exported file and the returned results is "7A5807A5144369965223903CB643C60E"
So i tried that as the key and it worked. :D

cheers
0x4a61636f62

No comments:

Post a Comment