CSC2023 - [Forensics] - Bad Signals
Challenge Description
Team RootXRAN got this capture file from person who likes rock music. They don't know what to do with this file. Can you help them in finding secret.
Solution
Protocol Hierarchy shows that most of the packets are related to 802.11 wireless
Also there is a handshake in the capture file
Extract bssid from one packet
aircrack-ng -w rockyou.txt -b 54:B1:21:26:9D:38 forensics.cap
Password is banana123
Decrypting Traffic
We would use airdecap-ng to decrypt the traffic
Check packets for essid CYBERSLEUTH - 1337
airdecap-ng -e "CYBERSLEUTH - 1337" forensics.cap -p banana123 -o decryptedtraffic.cap
Open decryptedtraffic.cap
in wireshark
Flag
CSC{Int3r3tin6_s7uFF_u5ing_WiFi_Cr4ck1ng_T00ls}
Writeups 2023 © RootxRAN.