Preferential Treatment

LZMK

March 29, 2025

1 min read

ctf/dfir wireshark gpp-decrypt PCAP/analysis

We have an old Windows Server 2008 instance that we lost the password for. Can you see if you can find one in this packet capture?

Solution

conversation -> tcp 1 -> follow stream

Decrypt cpassword with gpp-password

gpp-decrypt dAw7VQvfj9rs53A8t4PudTVf85Ca5cmC1Xjx6TpI/cS8WD4D8DXbKiWIZslihdJw3Rf+ijboX7FgLW7pF0K6x7dfhQ8gxLq34ENGjN8eTOI=

swampCTF{4v3r463_w1nd0w5_53cur17y}

SwampCTF25 | Challenge Writeups 1 min read (5 min read total)
Beginner Web 2 min read

Blue 1 min read

Hidden Message Board 1 min read

Homework Help 1 min read

Muddy Water 1 min read

Planetary Storage 1 min read

Preferential Treatment 1 min read