CTFtime.org / picoCTF 2021 / Wireshark doo dooo do doo... / Writeup

# Wireshark Doo Dooo Do Doo...

![bi0s](https://github.com/a3X3k/Bi0s/blob/master/CTFs/Pico21/Assets/1.png?raw=true)

- Download the `PCAPNG` file.
- Analyse it using `Wireshark`.
- After following `TCP` Stream we shall find that the last line seems to be like a flag in `tcp.stream eq 5`

![bi0s](https://github.com/a3X3k/Bi0s/blob/master/CTFs/Pico21/Assets/2.png?raw=true)

```
cvpbPGS{c33xno00_1_f33_h_qrnqorrs}
```

- Its ROT13 Encrypted.
- So [decoding](https://www.dcode.fr/caesar-cipher) it will give the flag.

![bi0s](https://github.com/a3X3k/Bi0s/blob/master/CTFs/Pico21/Assets/3.png?raw=true)

```
Flag --> picoCTF{p33kab00_1_s33_u_deadbeef}
```

Original writeup (https://github.com/a3X3k/Bi0s/tree/master/CTFs/Pico21/Shark%20doo%20dooo%20do%20doo).

Wireshark doo dooo do doo...

Comments

Sign in with