CodeGate Qualifiers CTF 2011 : Network – 100 Points
Hints given to us:
I didn’t write down the exact hints for this but i remember vividly that the answer will be in the form of MD5 hash of a file.
This is the original file:
Linux’s “file” & “md5sum” commands
Wireshark (http://www.wireshark.org/) – For sniffing and analysing traffic.
Identifying the File:
Using Linux’s file command, we have identified this file as a pcap file. That makes sense since it is in the Network category. 😛
Ok, now let’s fire up our Wireshark and take a look at the pcapfile.
Since we are given a clue of finding the MD5 hash of a file.
Let’s check out all the files in this given pcap file.
Geez….a lot of files in there. Finally, we notice there is a H1A1.exe file
Let’s click on that and “SaveAs“.
Now let’s use “md5sum” on the exported file and the returned results is “7A5807A5144369965223903CB643C60E”
So i tried that as the key and it worked. 😀