PCAP 19

This exercise is one of our challenges to help you learn how to analyze PCAP files

PRO
Tier
Easy
< 1 Hr.
5912
PCAP badge

To start this lab, you need to install Wireshark to inspect the provided network dump. You can download the PCAP file from the provided link. The file contains a single HTTP request, and our task is to extract the key from the Authorization header, which uses a Bearer token in the JWT format.

The JWT consists of three parts: the header, payload, and signature, separated by dots. The payload is base64 encoded and contains the key we need. By opening the PCAP file in Wireshark, we can follow the TCP stream to reconstruct the connection and inspect the data. Decoding the payload will reveal the key required for this exercise.

Want to learn more? Get started with PentesterLab Pro! GOPRO