Get the Key!


Points: 100
Category: Network


Hint: None

Write up

We can analyze the file using WireShark. Looking at the traffic, we can say that the user requested for a bunch of HTML’s and images . Let us export all the HTML objects and see.


Some of them are simple gif’s but on opening the ` nw100 ` html page in the browser we see that there is a file called ` key.html ` . This is the one which contains the flag. Now we return to WireShark and find out the server address to where the request is sent.

On going to ` ` we find that it asks for authentication -


In WireShark we find the packet in which he sends his login information to the server and analyze it.


On following the TCP Stream we find that the authorisation was Basic and we have the Base-64 encoding of the id and the password in the folowing format - ` id:password`

After the conversion of c2VjY29uMjAxNDpZb3VyQmF0dGxlRmllbGQ= to ASCII we get the string as - ` seccon2014:YourBattleField `

Using these credentials on the authentication page we are granted access to the ` key.html ` file. This, on opening gives us the flag.

Flag :