Description: Sam has parked his car in front of a store. Find the name of the store.
File: Level 1.pcap
As the usual, opened up the pcap file with wireshark. Looked around for some packet data that were interesting. Found an HTTP packet that had an image data in it. Exported the data by clicking
File->Export Objects->HTTP select the packet and save it as .png. And we get this image.
First tried looking at hex and fiddling with the colours. Then, read the description again and thought of GPS, so we looked into the metadata of the image using ImageMagick’s identify tool.
identify -verbose blah2.png
Got the stuff below (snipped).
exif:GPSLatitude: 38/1, 51598/1000, 0/1
exif:GPSLongitude: 77/1, 3371/1000, 0/1
exif:GPSVersionID: 2, 2, 0, 0
Converted the 2 GPS coordinates to proper ones that map applications could use.
38.859967 -77.056183 Put that into Google Maps and got the following;