PCAP 04

This exercise is one of our challenges to help you learn how to analyze PCAP files

PRO
Tier
Easy
< 1 Hr.
6720
PCAP badge

In this challenge, participants will download a provided PCAP file and use Wireshark to analyze the network traffic. The file contains the FTP connection of a client retrieving a file in passive mode. The retrieval process happens in two stages: the client first authenticates and requests the file, after which the server provides an IP and port in response to the PASV command. The client then connects to that IP and port to retrieve the file.

Using Wireshark, you will follow the TCP streams to identify the correct packet containing the file content. The exercise will guide you through filtering the traffic, following the TCP streams, and decoding the packets to extract the key information needed to solve the challenge.

Want to learn more? Get started with PentesterLab Pro! GOPRO