wifiland

First, open the pcap file using Wireshark and check out the packets. Looks like we're dealing with Wi-Fi traffic here. I filtered the packets by EAPOL protocol and found a handshake being established. There are two ways to find the password: you can grab the hashed password and crack it, or you can use the aircrack-ng tool. I went with aircrack-ng because it's simpler for me.

Now decrypt the Wi-Fi traffic using the password found above, following these steps:

1. Go to Edit -> Preferences -> Protocols -> IEEE 802.11

2. In this window, select "Enable decryption"

3. Go to Decryption Keys->Edit

4. To add the Decryption key, select "New"

5. In the "Key Type" select one among the security types listed "WEP/WPA-PWD/WPA-PSK", according to the AP(Router)'s security configuration.

6. In the "Key" tab provide the appropriate password.

Now filter packets for ARP protocol and you'll see two IPv4 addresses.

from hashlib import sha256

ip_client = "10.0.3.19"
ip_target = "93.184.216.34"

def calculate_sha256(ip_client, ip_target):
    input_string = ip_client + ip_target
    hash_result = sha256(input_string.encode()).hexdigest()
    return hash_result

sha256_sum = calculate_sha256(ip_client, ip_target)
print('CTF{'+sha256_sum+'}')

Run this code and you will get the flag.