 Hey, what's up guys welcome back to the YouTube video? My name is John Hammond this time checking out the Darlene challenge for CTF the for Kaizen CTF I was going on last week a challenge prompt here is Eliot's throwing a secret party You'd have the passwords get in analyze the p-cap and find the password again in the party Again, this flag is not followed the Kaizen CTF format the Kaizen flag format So we're getting the zip archive as a networking challenge. So we're probably gonna be dealing with p-caps here It's great a folder for it. I thought this was really cool a lot of my my teammate to myself are pretty happy to see Hey, I missed a robot reference. We're starting to watch the series together. I already finished the entire mr. Robot series I just like binge watch do all of it on an Amazon Prime But now I'm trying to sit down with all my other friends and show show it to them, too So we open it up and why are shark we start to look through some of the packets and there's not too many here although a lot of them are Encrypted or at least I see some that are Encrypted with some protocols or I thought I saw some SSL stuff Maybe I just saw some crazy TCP things and thought they were also. Yeah, I do see some TLS encrypted stuff good I'm not completely crazy What I ended up doing a good friend of mine told me to like export all the objects And that's a fine way to go about it and stuff like that I was started to like look through some of these by hand I wanted to go through some of them and what I ended up doing is I started at the end for whatever reason and I just Looked through some packets there I Saw some interesting ones that had like JSON objects, which I thought was very strange So now I'm trying to find these again for you. Oh Yeah, here's one here this post the private dining which I'm assuming must be where they're going Where they're having the party I see this job script object notation, so I took a look at it And it's like oh, there's a bunch of information here Like I don't know additional details. Oh, huh String value don't let anyone in unless I tell you the past phrase end of the world party. So, okay, that's it There's our flag, but okay. Yeah, there's a bunch of another Set of information for this JavaScript object, but that's the valuable one right there the additional details. They're trying to hide stuff in Don't let anyone in unless I tell you the past phrase end of the world party An interesting thing that we might have been able to do with this I don't know if you could get strings or export data out of this thing But you may have been able to just search for past phrase. I don't say again. I haven't tried it So can you do strings that well on a pet on a p-cap? Oh, yeah, of course you can and then past phrase Which I see it right now already Don't let anyone in tell you unless they tell you end of the world party easy Past phrase is the thing that you could know to search for and there is your flag end of the world party in this case It doesn't follow the kaizen format. So that's what you would submit, but done easy Just exploring through some packets and I did that by hand initially because I was just curious But again, you could just throw it in strings and even get the data out like that So easy stuff. Thanks for watching guys. Hope you enjoyed this one and I'll see you in the next video