Network sniffing is simply viewing all the network data that your computer receives. Wireshark is the most popular network sniffing tool.
Simply open Wireshark and select your Wi-Fi interface to see the overwhelming amount of traffic that is coming and going from your computer at any time. It's often surprising what you will find. [1]
<aside>
✅ Poke around at the traffic you see on your local network. It's often interesting to see what other devices on your network are broadcasting. Using the filter eth.addr == ff:ff:ff:ff:ff:ff
is one way to do that.
</aside>
On naumachiactf.com, connect to the Stop and Listen challenge. Refer to the How to CTF page for more information on how to connect to a challenge.
Open Wireshark and select the tap0
interface. [2] You should start to see Wireshark populate with packets.
<aside> 🔀 If you cannot connect to the VPN tunnel, you can alternatively download this pcap file:
</aside>
<aside>
⛳ Locate the flag{...}
in the packet capture and enter it to score the challenge!
</aside>
[1] I figured out while making this section that my LG TV is continuously ARP scanning my home network and sending unsolicited HTTP responses over UDP 😐
[2] tap0
is the name assigned by OpenVPN assigns to the virtual interface which connects you to the challenge network run by Naumachia.