Posted on by and filed under CSAW 2013.

Networking 1
Okay so for this challenge we are given a file called networking.pcap. This is a packet capture which can be opened in WireShark. But first lets try to just see if the flag is in plaintext. So I downloaded the file and ran the strings (included in Mac and Linux) command on it:
strings networking.pcap
38400,38400
XTERM
Ubuntu 12.04.2 LTS
hockeyinjune-virtual-machine login:
Password:
flag{d316759c281bf925d600be698a4973d5}
Login incorrect
hockeyinjune-virtual-machine login:
flag{d316759c281bf925d600be698a4973d5}
So we submit: d316759c281bf925d600be698a4973d5 and get 50 points

Networking 2
In this challenge we are presented with 2 files networking 200.pcap and networking.pcap.process. I don’t know what a .process file is but lets try the same thing we tried for the first challenge.
strings networking.pcap.process
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
flag{f9b43c9e9c05be5e08ea163007af5144}.exe!
flag{f9b43c9e9c05be5e08ea163007af5144}.exe"
flag{f9b43c9e9c05be5e08ea163007af5144}.exe$
flag{f9b43c9e9c05be5e08ea163007af5144}.exe%
flag{f9b43c9e9c05be5e08ea163007af5144}.exe'
flag{f9b43c9e9c05be5e08ea163007af5144}.exe(
flag{f9b43c9e9c05be5e08ea163007af5144}.exe*
flag{f9b43c9e9c05be5e08ea163007af5144}.exe+
flag{f9b43c9e9c05be5e08ea163007af5144}.exe-
flag{f9b43c9e9c05be5e08ea163007af5144}.exe/
flag{f9b43c9e9c05be5e08ea163007af5144}.exe0
flag{f9b43c9e9c05be5e08ea163007af5144}.exe1
flag{f9b43c9e9c05be5e08ea163007af5144}.exe2
flag{f9b43c9e9c05be5e08ea163007af5144}.exe3
flag{f9b43c9e9c05be5e08ea163007af5144}.exe5
flag{f9b43c9e9c05be5e08ea163007af5144}.exe7
flag{f9b43c9e9c05be5e08ea163007af5144}.exe8
flag{f9b43c9e9c05be5e08ea163007af5144}.exe:
flag{f9b43c9e9c05be5e08ea163007af5144}.exe;
flag{f9b43c9e9c05be5e08ea163007af5144}.exe<
flag{f9b43c9e9c05be5e08ea163007af5144}.exe=
flag{f9b43c9e9c05be5e08ea163007af5144}.exe?
flag{f9b43c9e9c05be5e08ea163007af5144}.exe
So it appears our flag is f9b43c9e9c05be5e08ea163007af5144 we submit that and get another 50 points!