Skip to content

BSidesSF 2019 CTF: zippy

Zippy challenge has a pcap file that contains the flag. When I opened the file with wireshark and tried to export the objects I got nothing in result. After a little bit of research I found the package that contained the .zip file:

I then extracted:

The file was protected by a password. Before all that I followed the first tcp stream:

I got this result:

The commands was obvious:

The flag is CTF{this_flag_is_your_flag}

Published inCTF