picoCTF Solutions
picoGym ExclusiveForensicsMedium

WPA-ing Out

Published: March 5, 2024Updated: December 9, 2025

Description

Capture a WPA handshake from the supplied pcap and crack the network key using rockyou.txt. The discovered passphrase becomes the picoCTF flag.

Setup

Wireless forensicsDownload wpa-ing_out.pcap

Fetch the capture file and ensure you have the rockyou.txt wordlist installed (commonly at /usr/share/wordlists/rockyou.txt).

Use aircrack-ng to test each candidate password against the handshake contained in the pcap.

wget https://artifacts.picoctf.net/c/41/wpa-ing_out.pcap
aircrack-ng -w /usr/share/wordlists/rockyou.txt wpa-ing_out.pcap

Solution

  1. Step 1Run aircrack-ng
    The tool automatically identifies the captured handshake frames and begins testing rockyou passwords until one matches. Copy the recovered key.
  2. Step 2Wrap as picoCTF flag
    Place the cracked password inside picoCTF{...} to form the final answer as instructed in the prompt.

Flag

picoCTF{mick...}

Aircrack-ng prints the recovered PSK explicitly; use that exact text between picoCTF{ and }.