English [Internetwache CTF 2016] [Misc 70 – Rock with the wired shark!] Write Up


Sniffing traffic is fun. I saw a wired shark. Isn’t that strange?


There was only 3 HTTP GET requests (packets #13 and #37).

The response to the 1st HTTP GET request (packet #29) was a 401 Unauthorized.

The response to the 2nd HTTP GET request (packet #53) was a HTML page:
Based on the GET request (packet #37), we noticed the access was allowed due to a good AUTH header:
Authorization: Basic ZmxhZzphenVsY3JlbWE=
(Plaintext credentials: flag:azulcrema)

The 3rd HTTP request (packet #61), was a downloading of “flag.zip”.
We dumped the file but there was a password so we tried “azulcrema” and it worked to get a flag.txt.


Leave a Reply

Your email address will not be published. Required fields are marked *