[Forensic] WPA-ing Out (200 pts)
Last updated
Last updated
I thought that my password was super-secret, but it turns out that passwords passed over the AIR can be CRACKED, especially if I used the same wireless network password as one in the rockyou.txt credential dump. Use this 'pcap file' and the rockyou wordlist. The flag should be entered in the picoCTF{XXXXXX} format.
Finding the IEEE 802.11 wireless protocol used in the wireless traffic packet capture is easier with wireshark, the JAWS of the network.
Aircrack-ng can make a pcap file catch big air...and crack a password.
The challenge gave us a pcap file and some hints related to rockyou password. It seems like we must crack something to get the password.
Firstly, I imported the pcap file to Wireshark to analyze. I checked the protocol hierarchy to see the packet structure. As you can see in the image below, I got 2 packets from 802.1X authentication and Data. I was looking around the data traffic but nothing was interesting, all the data was encrypted.
It’s kind of stuck, so I decided to follow the hint and tried to crack any passwords.
As a hint, I decided to use aircrack-ng and tried to crack the pcap file using rockyou wordlists
Here we go, I could get the password.
Let’s use the password and see more traffic. Open your Wireshark and go to Edit/Preferences/Protocols, choose IEEE 802.11 and edit the decryption key as in the image below. (Gone_Surfing is the SSID of wireless)
I checked the protocol hierarchy again, I could see more traffic was shown
Then I could filter UDP traffic. I tried to find some information related to picoCTF but got nothing
Hmm, where is the flag? I tried to check the flag format and could see that the flag format is picoCTF{XXXXXX}, thus maybe the password is the flag value. I tried to put the password as a flag and boom, I solved it.
I thought that the password was used to extract more traffic data and then I could find the flag from there but it wasn’t true. Still learn much stuff regarding networking. Thanks to author MISTRESSVAMPY
