Shark in the Ocean

Shark??? in the ocean??? Ayo?????

We were given a pcap file with little to no hints given. Naturally, we just looked filter for HTTP traffic but unfortunately, we did not find anything interesting 😢

pcap dump

At this point, we looked at almost every protocol that were in the pcap file and we were not making any progress. Finding a needle in the haystack.

A teammate of ours had an idea to filter for 22{ via packet bytes. The reason being was because that is the last 3 characters of STANDCON22{} flag.

We kept on looking till we saw an interesting string, FGNAQPBA22{J1E3FU4EX_RKC3EG?}. It looked like a flag but obfuscated! 😲

Additional Information: Here's a good resource on detecting ROT13 /Base64 encryption.

As we were analysing the string, we realised that it has a shift value of 13, and so, we figured that it is a ROT13 cipher.

We went to CyberChef and we managed to get the flag!!! 🎉

Flag: STANDCON22{W1R3SH4RK_EXP3RT?}

Challenge Files

93MB
SHARK_IN_THE_OCEAN(1).pcapng
PreviousWalks like a cat, barks like a dogNextAtlan Safe P1

Last updated