In this walk through, we will be going through the Wireshark – The Basics from Tryhackme. In this room we will learn about the basics of Wireshark and how to analyse protocols and PCAPs with it. So, let’s get started without any delay.
Table of Contents
Task 1 – Introduction
Question 1 – Which file is used to simulate the screenshots?
http1.pcapng
Question 2 – Which file is used to answer the questions?
Exercise.pcapng
Task 2 – Tool Overview
Question 1 – Read the “capture file comments”. What is the flag?
TryHackMe_Wireshark_Demo
Question 2 – What is the total number of packets?
58620
Question 3 – What is the SHA256 hash value of the capture file?
f446de335565fb0b0ee5e5a3266703c778b2f3dfad7efeaeccb2da5641a6d6eb
Task 3 – Packet Dissection
Question 1 – View packet number 38. Which markup language is used under the HTTP protocol?
eXtensible Markup Language
Question 2 – What is the arrival date of the packet? (Answer format: Month/Day/Year)
05/13/2004
Question 3 – What is the TTL value?
47
Question 4 – What is the TCP payload size?
424
Question 5 – What is the e-tag value?
9a01a-4696-7e354b00
Task 4 – Packet Navigation
Question 1 – Search the “r4w” string in packet details. What is the name of artist 1?
r4w8173
Question 2 – Go to packet 12 and read the comments. What is the answer?
911cd574a42865a956ccde2d04495ebf
Question 3 – There is a “.txt” file inside the capture file. Find the file and read it; what is the alien’s name?
Packetmaste
Question 4 – Look at the expert info section. What is the number of warnings?
1636
Task 5 – Packet Filtering
Question 1 – Go to packet number 4. Right-click on the “Hypertext Transfer Protocol” and apply it as a filter. Now, look at the filter pane. What is the filter query?
http
Question 2 – What is the number of displayed packets?
1089
Question 3 – Go to packet number 33790 and follow the stream. What is the total number of artists?
3
Question 4 – What is the name of the second artist?
Blad3
Task 6 – Conclusion
Also Read: Tryhackme – Windows Fundamentals 3
So that was “Wireshark: The Basics” for you. We have learned about the basics of Wireshark tool. Then we looked into Packet dissection of packets and Protocols. Moving on, took a dive into packet navigation and filtering with it. On that note, i will take your leave and will see you in next one, Till then “Hack the Planet”.