Killer Queen CTF 2021
Obligatory Shark [149 pts]
Remember to wrap the flag.
kqctf{dancingqueen}
tl;dr
Introduction
Opening the file in Wireshark, we see a single Telnet stream.
We right-click and Follow TCP Stream and see a user logging in with username user2 and password 33a465747cb15e84a26564f57cda0988. This is likely just an MD5 hash, which we can crack with
john hash.txt --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-MD5
which immediately spits out the password dancingqueen. Wrapped in the flag format, this is the correct flag.