Description
A packet capture contains an encrypted attachment plus a plaintext conversation describing how to decrypt it. Follow the TCP streams in Wireshark to find the decrypt command, extract the binary data, and run openssl des3 to reveal the flag.
Open the PCAP in Wireshark. Browse packets until you see a TCP stream with readable chat text (port 9001).
Right-click a packet in the chat stream and choose Follow > TCP Stream to read the conversation.
The conversation includes the openssl decrypt command and the password.
Find the binary transfer on port 9002, follow that stream, save the raw data as a hex dump, then convert to binary with xxd.
Run the openssl command from the chat to decrypt the file.
# In Wireshark: follow TCP stream on port 9001 to read the decrypt command# Follow TCP stream on port 9002, show data as Hex, copy and paste into xxdxxd -r -p file.hex file.des3openssl des3 -d -salt -in file.des3 -out flag.txtcat flag.txtSolution
Want to try it yourself first?
The guided walkthrough reveals hints one step at a time.
Step 1
Follow the chat streamObservationI noticed the PCAP contained multiple TCP streams on distinct ports, and some packets had small ASCII payloads consistent with a text chat, which suggested following that stream in Wireshark would reveal the plaintext conversation including the openssl command and password.In Wireshark, filter by port 9001 or browse packets with 41-byte payloads. Right-click a matching packet and choose Follow > TCP Stream. The conversation contains the openssl command and password in plain text.Learn more
Wireshark's Follow TCP Stream reassembles all TCP segments from a conversation and displays the payload in order. Both sides of the chat are shown with different colors. The password and the exact openssl command to use both appear verbatim - there is no encryption on the chat channel, which is the vulnerability being demonstrated.
Inside the chat stream, the password appears verbatim in one of the messages where one party tells the other how to decrypt the file. There is no key exchange, no key derivation - it is just typed into a TCP socket in cleartext. That is the entire vulnerability illustrated by this challenge.
Step 2
Extract the encrypted file and decrypt itObservationI noticed the chat stream on port 9001 referenced a separate binary transfer and provided an exact openssl des3 decrypt command with a password, which suggested the encrypted attachment was being sent over the other TCP stream on port 9002 and needed to be extracted and decrypted using those credentials.In Wireshark, follow the TCP stream on port 9002. Switch the display to Hex and copy the raw hex data. Usexxd -r -pto convert it to binary, saving the result as file.des3. Then run the openssl des3 decrypt command from the chat conversation to produce the plaintext flag file.bash# In Wireshark: follow TCP stream port 9002, show as Hex, copy all hexbashxxd -r -p file.hex file.des3bashopenssl des3 -d -salt -in file.des3 -out flag.txtbashcat flag.txtExpected output
picoCTF{nc_73115_411_0ee72...}What didn't work first
Tried: Save the TCP stream from Wireshark using 'Save as' in raw mode instead of copying the hex manually
Wireshark's 'Save as' for a TCP stream defaults to ASCII or mixed mode depending on the display setting, which corrupts binary data with newline conversions. You must switch the display to 'Hex Dump' or 'Raw', copy the hex digits, and feed them through xxd -r -p to get a clean binary file.
Tried: Run openssl des3 -d without the -salt flag because the ciphertext might not have a salt header
OpenSSL prepends the magic string 'Salted__' followed by 8 salt bytes when encryption uses -salt, which is the default. Omitting -salt on decryption causes openssl to misinterpret the first 16 bytes as IV material and produces garbled output with no error. The -salt flag tells openssl to read and discard that 16-byte header before decrypting.
Learn more
Wireshark can show stream data as raw hex. Copying that hex and converting it with
xxd -r -precreates the original binary file without needing tcpflow or tshark. The-rflag reverses the dump (hex to binary) and-pselects plain hex format with no address offsets.Triple DES applies DES three times per block. The openssl command the chat specifies uses
des3 -dto decrypt,-saltto indicate the ciphertext has a random salt prepended, and-in/-outfor the file paths. The deeper lesson: encryption without secure key exchange is useless. TLS solves this with Diffie-Hellman or RSA key exchange so the secret never traverses the wire in cleartext.
Interactive tools
- Hex ViewerView text or raw hex bytes as a xxd-style hex dump with byte offset, hex columns, and ASCII sidebar. Highlights printable characters and null bytes.
- Strings ExtractorPull printable text from any binary, library, or image. ASCII and UTF-16 detection, configurable minimum length, flag-like highlight, no command line needed.
Flag
Reveal flag
picoCTF{nc_73115_411_0ee72...}
A perfect example of why you should never discuss crypto keys in plaintext channels.