Start wireshark and visit some websites to start generating traffic.
- Filter the traffic so that only DNS packets are shown.
- Can you identify the TCP handshake?
- Filter packets that do not originate from your host computer.
- Search for image files that were transferred in the packet bytes (*.png, *.jpg, etc.)
Load the challenge.pcap file from the supplementals folder. There is a secret pass phrase somewhere in the packets. Can you find it?