Hints given to us:
I didn't write down the exact hints for this but i remember vividly that the answer will be in the form of MD5 hash of a file.
This is the original file:
File:117A1160EC201EB79D2331A3E3C2979D.zip
Recommended Tools:
Linux's "file" & "md5sum" commands
Wireshark (http://www.wireshark.org/) - For sniffing and analysing traffic.
Identifying the File:
Using Linux's file command, we have identified this file as a pcap file. That makes sense since it is in the Network category. :P
Ok, now let's fire up our Wireshark and take a look at the pcapfile.
Since we are given a clue of finding the MD5 hash of a file.
Let's check out all the files in this given pcap file.
First we click File -> Export -> Objects -> HTTP
Geez....a lot of files in there. Finally, we notice there is a H1A1.exe file
Let's click on that and "SaveAs".
Final Solution:
Now let's use "md5sum" on the exported file and the returned results is "7A5807A5144369965223903CB643C60E"
So i tried that as the key and it worked. :D
cheers
0x4a61636f62
No comments:
Post a Comment