English [Internetwache CTF 2016] [Misc 70 – Rock with the wired shark!] Write Up

Description

Sniffing traffic is fun. I saw a wired shark. Isn’t that strange?

Resolution

There was only 3 HTTP GET requests (packets #13 and #37).

The response to the 1st HTTP GET request (packet #29) was a 401 Unauthorized.

The response to the 2nd HTTP GET request (packet #53) was a HTML page:
index_of_misc_70
Based on the GET request (packet #37), we noticed the access was allowed due to a good AUTH header:
Authorization: Basic ZmxhZzphenVsY3JlbWE=
(Plaintext credentials: flag:azulcrema)

The 3rd HTTP request (packet #61), was a downloading of “flag.zip”.
We dumped the file but there was a password so we tried “azulcrema” and it worked to get a flag.txt.

Flag was IW{HTTP_BASIC_AUTH_IS_EASY}

Leave a Reply

Your email address will not be published.