Tryhackme - Wireshark: The Basics

In this walkthrough, we will go through the “Wireshark: The Basics” room from TryHackMe. In this room we will learn the basics of Wireshark and how to analyse protocols and PCAPs with it. So, let’s get started without any delay.

Task 1 – Introduction

Question 1 – Which file is used to simulate the screenshots?

http1.pcapng

Question 2 – Which file is used to answer the questions?

Exercise.pcapng

Task 2 – Tool Overview

Question 1 – Read the “capture file comments”. What is the flag?

Capture file comments

TryHackMe_Wireshark_Demo

Question 2 – What is the total number of packets?

Total no. of packets

58620

Question 3 – What is the SHA256 hash value of the capture file?

SHA256 hash

f446de335565fb0b0ee5e5a3266703c778b2f3dfad7efeaeccb2da5641a6d6eb

Task 3 – Packet Dissection

Question 1 – View packet number 38. Which markup language is used under the HTTP protocol?

Exercise.pcapng

eXtensible Markup Language

Question 2 – What is the arrival date of the packet? (Answer format: Month/Day/Year)

Arrival date of packet

05/13/2004

Question 3 – What is the TTL value?

TTL Value

47

Question 4 – What is the TCP payload size?

TCP Payload Size

424

Question 5 – What is the e-tag value?

e-tag value

9a01a-4696-7e354b00

Task 4 – Packet Navigation

Question 1 – Search the “r4w” string in packet details. What is the name of artist 1?

Packet details

Artist

r4w8173

Question 2 – Go to packet 12 and read the comments. What is the answer?

Packet no. 39765

Exercise.pcapng

md5 hash

911cd574a42865a956ccde2d04495ebf

Question 3 – There is a “.txt” file inside the capture file. Find the file and read it; what is the alien’s name?

Packet details

Packetmaste

Question 4 – Look at the expert info section. What is the number of warnings?

Expert info

1636

Task 5 – Packet Filtering

Question 1 – Go to packet number 4. Right-click on the “Hypertext Transfer Protocol” and apply it as a filter. Now, look at the filter pane. What is the filter query?

download.html

http

Question 2 – What is the number of displayed packets?

Total packets

1089

Question 3 – Go to packet number 33790 and follow the stream. What is the total number of artists?

packet no. 33790

Acunetix web app

3

Question 4 – What is the name of the second artist?

Second artist

Blad3

Task 6 – Conclusion

So that was “Wireshark: The Basics” for you. We learned the basics of the Wireshark tool, then looked into packet dissection and protocols. Moving on, we took a dive into packet navigation and filtering. On that note, I will take my leave and see you in the next one. Till then, “Hack the Planet”.