Besides wargames we wanted to present another learning experience for our members. While some might not be interested in cracking web applications, others might be interested in other technical problems or 'puzzles'.
I use Wireshark for regular work and 'hacking'. Many new members might not have much experience with this important tool, and some older members might want to develop skills with Wireshark/packet sniffing.
To play with these puzzles you'll need to install Wireshark on your computer. You do not need to run Wireshark or configure it; Wireshark will be used to open the pcap file so you can read the packets of a sniff done elsewhere.
www.wireshark.org/download.html
---
A Sniff at a local Big Boy Restaurant, what did we get?
Get the pcap file here:
http://digitalnomad.suck-o.net/DNR/puz/bigboy.pcap
Do not answer questions here at this time.
1. What was captured in this pcap file?
2. What is the screen name of the person logged in to chat?
3. What is IP and MAC of that user?
--
A big case, what happened in this capture? This is a medium sized business network, lots of extraneous traffic. Someone is up to no good, selling business information to a competitor.
1. Get the IP, MAC, and username of the employee selling information
2. Assemble the text from the user's conversation
3. What did they send?
http://digitalnomad.suck-o.net/DNR/puz/evidence.pcap
It will take wireshark a few long seconds to a minute to load the pcap file.
--
Again, keep the answers for right now. You have two levels of captures to test your skill!
More tests and puzzles coming, other files can be software that needs to be fixed, reading code to decipher what it will do, maybe a problem solver story with technical information needed or incorrect.
DNR
DNR's Puzzles
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: DNR's Puzzles
this post is old but I will try this game to learn more about wireshark thx and I hope I didn't come too late or missed something after 4 years since that was posted
Re: DNR's Puzzles
I believe the file still exists and it can be opened by the current wireshark download.
Check it out and post your answers for both pcap files
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: DNR's Puzzles
I always used to run away from wireshark but now this is a challenge and I like challenges that make me learn more
Re: DNR's Puzzles
You will install wireshark and then just import the pcap file.
Wireshark will open the file to view the capture of the network comms. Reading packets and understanding the network is pretty important for anything you want to do related to computers.
I am interested in your answers
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: DNR's Puzzles
I have it already installed and my studies on that started already and this won't be enough I will finish this one and move to do the other old challenges
Re: DNR's Puzzles
the bigboy one is easy - the second one is a bigger capture and lots of extra junk traffic, it will take you maybe a good 30 minutes to figure that one out.
The second one was actually used in an online exam.
Hint, filters.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: DNR's Puzzles
noted but now that the chance came I will go deep with wireshark and then test what I learnt on this challenge ^_^
Re: DNR's Puzzles
more on the pcap file 'evidence.pcap'
Case 1 Scenario:
name: Chris M Long
company email: cmlong@gmx.com
Job: Interior Desiger, faggot
Chris is the interior designer of Company MicroShort (MS), and he is suspected of selling Company design work to a competitor in the industry. The company has enforced a policy under which no one can bring a USB thumb drive in or out of the Company building.
When Chris's computer was seized, no stolen works were found on his hard drive, only a piece of software called Eraser, so it is suspected that Chris may have erased the files with Eraser to prevent file system forensics. Company MS has no convincing evidence to prove Chris's guilt.
Fortunately, the company has deployed a network monitoring system to collect network traffic, and they are employing you as Network Forensics Investigator to figure out what Chris has done, extract network-based evidence and answer the following questions. You are handed the network data:
Network-Based Evidence
http://digitalnomad.suck-o.net/DNR/puz/evidence.pcap
Questions:
What is the IP address of Chris' machine?
What is Chris' non-legitimate email address?
What is the method used to communicate with the outsider?
Whom has Chris communicated with?
What is the email address of the outsider?
What is the conversation about between Chris and the outsider?
What is the method used to transfer the file?
What is the name of the transferred file?
When was the file transferred?
How many files were transferred?
What is the file type?
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
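A first-pass triage for a large, noisy capture like the one in the scenario above, as an added example that is not part of the original thread: it lists each IPv4 source with its MAC address and packet count and tallies TCP destination ports, which tells you what to filter on. It reads classic little-endian pcap only; the function names, addresses and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

def read_pcap(data):
    """Yield raw frames from a classic little-endian Ethernet pcap byte string."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with Ethernet link type")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack_from("<I", data, off + 8)[0]
        yield data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len

def triage(data):
    """Return (packets per (src_ip, src_mac), packets per TCP destination port)."""
    hosts, ports = Counter(), Counter()
    for frame in read_pcap(data):
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4 over Ethernet (ARP, IPv6, VLAN-tagged): skip
        mac = ":".join(f"{b:02x}" for b in frame[6:12])
        ip = ".".join(str(b) for b in frame[26:30])
        hosts[(ip, mac)] += 1
        l4 = 14 + (frame[14] & 0x0F) * 4             # IHL gives the IPv4 header length
        if frame[23] == 6 and len(frame) >= l4 + 4:  # protocol 6 = TCP
            ports[struct.unpack_from("!H", frame, l4 + 2)[0]] += 1
    return hosts, ports

def _frame(src_mac, src_ip, proto, dport):
    """Build one constructed Ethernet/IPv4 frame for the sample capture."""
    eth = bytes(6) + bytes.fromhex(src_mac.replace(":", "")) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     bytes(map(int, src_ip.split("."))), bytes([198, 51, 100, 5]))
    return eth + ip + struct.pack("!HH", 40000, dport) + bytes(16)

def sample_pcap():
    """Constructed capture: two hosts, three TCP packets, one UDP, one ARP frame."""
    a, b = ("02:00:00:00:00:01", "192.0.2.10"), ("02:00:00:00:00:02", "192.0.2.20")
    frames = [_frame(*a, 6, 80), _frame(*a, 6, 80), _frame(*a, 6, 443),
              _frame(*b, 17, 53), bytes(12) + b"\x08\x06" + bytes(28)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    hosts, ports = triage(sample_pcap())
    for (ip, mac), n in hosts.most_common():
        print(f"{ip:15} {mac}  {n} packets")
    print("TCP destination ports:", dict(ports))
```

To run it on a downloaded capture, pass `open(path, "rb").read()` to `triage()`; a pcapng or big-endian file raises `ValueError` rather than producing wrong counts.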
Re: DNR's Puzzles
thanks a lot and plz no more other hints I want to find my way even with too few infos