HTTP (Hyper Text Transfer Protocol), also known as Hypertext Transfer Protocol, is an application layer protocol for distributed, collaborative, and hypermedia information systems.
HTTP is the basis for data communication on the World Wide Web.
> Topic: Jiangsu Province Navigator Cup - 2017: hack
The overall observation can be drawn:
HTTPfor the main
126.96.36.199for the main
- no attachments exist
From this picture, it can be basically judged that this is a traffic packet generated during the `sql injection-blind".
At this point, you can basically determine the direction of the flag, extract all the urls, use the
python helper to get the flag
tshark -r hack.pcap -T fields -e http.request.full_uri|tr -s '\n'|grep flag > log
Get blind results
import re with open('log') as f: tmp = f.read() flag = '' data = re.findall(r'=(\d*)%23',tmp) data = [int(i) for i in data] for i,num in enumerate(data): try: if num > data[i+1]: flag + = chr (num) except Exception: pass print flag