Info
Analyzing network traffic is essential to understanding what is happening on the wire.
Wireshark is the most popular packet capture tool, and it also provides many under-used utilities for network traffic analysis, especially for very large PCAPs.
What you will learn
After completing this scenario you will know:
- How to get a bird's-eye view of the kind of traffic captured in a given PCAP file
- How to follow TCP/UDP streams
- How to check Wireshark's built-in Expert Information analysis
- How to export embedded files captured in data streams
- The basics of using display filters to narrow down interesting packets
Technical Details
This scenario contains one virtual machine.
Pre-requisites
Please install Wireshark before beginning this scenario.
Pre-reading
- https://schwartzdaniel.com/introduction-wireshark-part-1/
- https://schwartzdaniel.com/introduction-wireshark-part-2/
- https://resources.infosecinstitute.com/pcap-analysis-basics-with-wireshark/#gref
Credits for challenges
Pentest Cyprus Team QSecure Cyprus HITB Singapore Akir4 (b00t2root)
- MODE: SINGLEPLAYER
- TYPE: CCL
- DIFFICULTY: INTERMEDIATE
- TIME: 240 MINUTES
- COST: 10 CRYSTALS