forensics/torrent_analyze
This commit is contained in:
Executable
+9
@@ -0,0 +1,9 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p tshark jq
|
||||
|
||||
# NOTE: torrent.pcap is big, has been omitted
|
||||
|
||||
tshark -r torrent.pcap -Y 'bt-dht' -Y 'frame contains "info_hash"' -T fields -e bt-dht.bencoded.string | grep --only-match -E 'info_hash,[a-z0-9]+' | sed 's/info_hash,//' | sort -u
|
||||
|
||||
echo
|
||||
echo "e2467cbf021192c241367b892230dc1e05c0580e -> picoCTF{ubuntu-19.10-desktop-amd64.iso}"
|
||||
Reference in New Issue
Block a user