Posts

Showing posts from February, 2021

247CTF - Networking Challenges - Error Reporting Protocol

Problem Statement

Can you identify the flag hidden within the error messages of this ICMP traffic?

Tools Used

Wireshark 3.4.3
Python 3.9.1

Description

This is a downloadable challenge. When you click the 'Download Challenge' button, you obtain a ZIP archive file. The ZIP archive contains a packet capture (pcap) file. The file's name was error_reporting.pcap in my case; it may differ for other users.

To solve this challenge, you would need to decode and assemble the data from multiple ICMP packets (my file contained the data from 1712 packets). Wireshark can be used to open the packet capture file and visualise the various layers and fields in the packets.

Once you open the packet capture file with Wireshark, your window should resemble the screenshot below. As shown above, the first packet is an Echo (ping) request and the rest of the packets are Echo (ping) replies. Double-clicking a packet would open it...