Please ask questions ONLY in this topic.

One of your best friends has reason to believe that his girlfriend has been cheating on him. He thinks that she's been sending emails back and forth with this other guy, but he has no for sure proof. Now it's your turn to show him what a valuable friend you are!

Re: Please ask questions ONLY in this topic.

Post by impulse_x on Fri May 17, 2013 5:57 am
([msg=75631]see Re: Please ask questions ONLY in this topic.[/msg])


When using wireshark, I'm supposed to filter by HTTP, but what if I'm originally logged on in HTTPS? Since all the
stuff are encrypted, I filter via ssl; but I can't read any of the encrypted stuff.

I've searched google for help on decrypting ssl handshakes and application data but that's completely above my
head and I don't see anyone saying anything about SSL on this thread.

And now, i don't even know how to go back to HTTP for

Any help appreciated.


Edit: I've completed this mission. Just forgot to post here as well as having forgotten how I figured it out. :(
New User
New User
Posts: 19
Joined: Fri May 10, 2013 4:57 am
Blog: View Blog (0)

Re: Please ask questions ONLY in this topic.

Post by agentStag on Sat Mar 07, 2015 7:37 am
([msg=87053]see Re: Please ask questions ONLY in this topic.[/msg])

Hi guys, I have finally completed the mission.

I didn't use wireshark but the posts here suggest that it can be of help if you are stuck(do download it if you can, it will be useful for a person who visits this website).

Seems like most people are/were stuck at the c*****.*** file. The information given on that file on how should sections of it be removed was not necessary. So just think about how are variables separated on a URL and keep doing that until the end. Only worry about the first line, if you get that one right, it'll all be good.

The actual login isn't anything special so just get in.
A decompiler is needed and i used this one: It's all done online.

I hope this post helps(if i tell you more about that file, i'll spoil it).Contact me if you are still stuck. Good luck :geek:
New User
New User
Posts: 5
Joined: Tue Dec 23, 2014 5:11 pm
Blog: View Blog (0)

Wireshark help

Post by scaum2 on Mon Jan 04, 2016 5:37 pm
([msg=91144]see Wireshark help[/msg])

Hey guys,

I'm looking for some help with wireshark... got to the login page and seems obvious there is a file hidden somewhere used for identication. So i tried to use wireshark and "sniff" the location but i can't get it to work properly. After few hours of unsuccessfull trials, i find a youtube video showing EXACTLY what I did and indeed obtenaing the answer i was looking for.

Could someone give me a detailed explanation on how to find THE packet with the file location using wireshark ? I've been trying every option i could find and this exact packet seems to never appear.


EDIT : after looking a solution on Youtube (I know it's bad), I can see that the guy is connected to http://hack..../16 and not httpS://... I guess that could be the reasn why wireshark can't sniff the GET packet that would then be encrypted... but i can't connect to the http. Is there a way to "bypass" the redirection and get to the http and not https ? Is the challenge still doable with https ?
New User
New User
Posts: 1
Joined: Sun Jan 03, 2016 8:06 pm
Blog: View Blog (0)


Return to (Real 16) Simple Mail

Who is online

Users browsing this forum: No registered users and 0 guests