nw100.pcapSolution:
Download this pcap file and open this file with Wireshark, Next step I go to menu Statistics > Protocol Hierarchy, select Hypertext Transfer Protocol (right click) > Apply as Filter > Selected
Authorization Required to /nw/100/ ? Go to Follow TCP Stream and get username and password base64 format to decode and authen in http://133.242.224.21:6809/nw100/
Base64 Decode:
root@ubuntu:~# echo c2VjY29uMjAxNDpZb3VyQmF0dGxlRmllbGQ= | base64 --decode seccon2014:YourBattleField root@ubuntu:~#
It mean username seccon2014 and password YourBattleField go to authen in http://133.242.224.21:6809/nw100/
Access to http://133.242.224.21:6809/nw100/key.html and get a flag. :)
Flag: SECCON{Basic_NW_Challenge_Done!}
ไม่มีความคิดเห็น:
แสดงความคิดเห็น