Network Detective
[Unbreakable 2023]
- Open the network-detective capture with wireshark
- Open the HTTP packet
- We know that HTTP does not encrypt data we should see the following result:
- The X-HERE header is an unusual header furthermore we notice that the data is quiet suspicious and looks like a ROT
encryption because if we shift from 1 to right, DUG gave is CTF which is the flag format.
- Go to rot-cipher and enter the data string
- Select ROT 1 (which is equal to shift one to right)
- Select full ASCII table
- Here you go :)
