TryHackMe: Wireshark: The Basics - Aleyna Doğan

The Room: “Learn the basics of Wireshark and how to analyse protocols and PCAPs.”

https://tryhackme.com/room/wiresharkthebasics

Task 1: Introduction

1.1. Which file is used to simulate the screenshots?

http1.pcapng

1.2. Which file is used to answer the questions?

Exercise.pcapng

Task 2: Tool Overview

2.1. Read the “capture file comments”. What is the flag?

TryHackMe_Wireshark_Demo

2.2. What is the total number of packets?

TryHackMe_Wireshark_Demo

2.3. What is the SHA256 hash value of the capture file?

TryHackMe_Wireshark_Demo

Task 3: Packet Dissection

3.1. View packet number 38. Which markup language is used under the HTTP protocol?

Extensible Markup Language

3.2. What is the arrival date of the packet? (Answer format: Month/Day/Year)

05/13/2004

3.3. What is the TTL value?

47

3.4. What is the TCP payload size?

424

3.5. What is the e-tag value?

9a01a-4696-7e354b00

Task 4: Packet Navigation

4.1. Search the “r4w” string in packet details. What is the name of artist 1?

r4w8173

4.2. Go to packet 12 and read the comments. What is the answer?

Go to packet number 39765. Look at the “packet details pane”. Right-click on the JPEG section and “Export packet bytes”. This is an alternative way of extracting data from a capture file. What is the MD5 hash value of extracted image?

911cd574a42865a956ccde2d04495ebf

4.3. There is a “.txt” file inside the capture file. Find the file and read it; what is the alien’s name?

PACKETMASTER

4.4. Look at the expert info section. What is the number of warnings?

1636

Task 5: Packet Filtering

5.1. Go to packet number 4. Right-click on the “Hypertext Transfer Protocol” and apply it as a filter. Now, look at the filter pane. What is the filter query?

http

5.2. What is the number of displayed packets?

1089

5.3. Go to packet number 33790 and follow the stream. What is the total number of artists?

3

5.4. What is the name of the second artist?

Blad3
