I was going to call this challenge babynet, but I have that baby shark song stuck in my head... doo doo, doo doo doo baby shark...
You're probably used to pcaps captured at layer 3 in promiscuous mode, but do you know what to do with a pcap captured at layer 2 in monitor mode?
I saw my arch-nemesis, Billy Bob Bobertson, in the library. He left his laptop open for 3 minutes to go use the restroom. Luckily, I had my BadUSB handy and gave myself a shell and then persistent remote access, and started running a few commands and capturing his web traffic (shown in the attached screenshot). I think he's up to something suspicious and received some sort of message from a group of criminals.
They say that looking through a pcap is like finding a needle in a haystack, but what do you do if that haystack is encrypted?
We had a rat infestation so I put mousetraps everywhere. Now I can code in peace without rats!
I'm a networks guy, so I was doing some network coding the other day when I picked up these interesting transmissions from some not-exactly-802.11 devices. There seems to be some presumably low-power wireless device somewhere transmitting data continuously, like a fountain! I think it's transmitting the flag, but I don't understand its transmissions. Can you recover it?
Wireshark's protocol analyzer may be misleading. Analyze it yourself.
I can do network coding without rats. Ratless network coding!
I cannot stress this enough: Wireshark's protocol analyzer, and most tools' protocol analyzers, may mislead you. You should analyze the data yourself! The 802.15.4 sequence and src/dest format are very standard. What comes after? This challenge requires a lot of protocol analysis as well as a mathematical part at the end!