Wireshark doo dooo do doo…
Hi, I am Gr33nPoison and I have just started my journey in cybersecurity, so this is one of the first Forensics challenges in PicoCTF-picoGym that I have solved with Wireshark.
Step 1: Download the file from https://play.picoctf.org/practice/challenge/115?category=4&page=1
Step 2: Open that packet capture using Wireshark to start the analysis.
Step 3: This is where I got my first clue of the flag, that is f{.
Step 4: In this step I selected that HTTP packet, right-clicked on it, clicked on Follow and then selected TCP Stream, so that I could follow the clue.
Step 5: Then in this step I got a lot of data, as you can see in the screenshot below, but I filtered it using the stream.
Step 6: I changed the stream to 1, then 2.
Step 7: I continued changing the stream until I got some meaningful data, which you can see in the screenshot below.
Step 8: And at last I got the flag at stream 5, but it was encrypted.
Step 9: This flag was encrypted using a Caesar cipher, so I used an online tool to brute-force it.
Step 10: And finally I got the flag.
picoCTF{p33ka00_1_s33_u_deadbeef}
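
Steps 8 to 10 can also be done offline instead of with an online tool. The following is an added example, not part of the original write-up: it scans the text of a followed TCP stream for flag-shaped tokens and tries all 26 Caesar shifts on each one. The stream text is constructed for the demo (the flag above shifted by 7, a value chosen here and not taken from the challenge), and the names `rotate` and `find_flags` are hypothetical.

```python
import re
import string

FLAG_PREFIX = "picoCTF{"
# A shifted flag keeps its shape: 7 letters, then a braced body.
CANDIDATE = re.compile(r"[A-Za-z]{7}\{[^{}\s]*\}")


def rotate(text, k):
    """Shift ASCII letters forward by k; digits and symbols stay as-is."""
    lo, up = string.ascii_lowercase, string.ascii_uppercase
    table = str.maketrans(lo + up, lo[k:] + lo[:k] + up[k:] + up[:k])
    return text.translate(table)


def find_flags(stream_text):
    """Return (shift, plaintext) for every token that decodes to a flag."""
    hits = []
    for token in CANDIDATE.findall(stream_text):
        for k in range(26):  # k == 0 also covers an unencrypted flag
            plain = rotate(token, k)
            if plain.startswith(FLAG_PREFIX):
                hits.append((k, plain))
    return hits


# Constructed sample of what "Follow > TCP Stream" text might look like.
SAMPLE_STREAM = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/plain\r\n"
    "\r\n"
    "wpjvJAM{w33rh00_1_z33_b_klhkillm}\n"
)

if __name__ == "__main__":
    for shift, flag in find_flags(SAMPLE_STREAM):
        print(f"shift {shift}: {flag}")
```

Matching on the known `picoCTF{` prefix avoids reading through all 26 candidate decodings by eye.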