Course

In this challenge, you will use Wireshark to analyze a provided PCAP file containing a single HTTP request. The objective is to extract the key hidden within the body of the HTTP response. Once you have the file loaded in Wireshark, you can use the "Follow TCP Stream" option to reconstruct the entire TCP connection. This will allow you to inspect the HTTP request and response without worrying about the lower layers like IP and ARP.

Upon following the TCP stream, you will see the full HTTP request and response. The response will have a status code of 200 OK and contain HTML content. Within this HTML content, specifically inside an H1 tag, you will find the key for this exercise. This lab is designed to teach you the fundamental skills required for network traffic analysis, an essential skill for any ethical hacker.