[Flare-On7] Chal7-re_crowd write-up (Eng)

  1. Analyze re_crowd.pcapng Open file into Wireshark, select Statistics -> Flow Graph, you can see the flow as the bellow picture: When apply the filter like this: (http.request or tls.handshake.type == 1 or tcp.flags eq 0x0002 or dns) and! (Udp.port eq 1900), I see more http request from ip to port 80 of the […]

Article Link: https://kienmanowar.wordpress.com/2020/10/24/flare-on7-chal7-re_crowd-write-up-eng/