Hacktober 2020 CTF - Evil Corp's Child
Oct 16, 2020
Challenge Description
What is the MD5 hash of the Windows executable file?
NOTE: If you extract any files within this challenge, please delete the file after you have completed the challenge.
Solution
we opened the pcap file with wireshark
On packet 36, we noticed an HTTP GET request pointing to ``
Following the http stream, reaveal that the png file is not a png actually but rather an exe file.
We can extract this file by exporting http objects
Chose our image, then save it somewhere
Seems like the `.png` file is not a png, rather its PE32 executable for ms windows.
Our flag is the exe MD5 hash
