Hi, I am trying to extract the MD5sum value from a FTP file using Wireshark, but could not find it ??? Am i Missing something . where to look in the pcap file ??
The md5sum value is probably not in the pcap file as the value is generated by running the md5sum command on your specific file. > md5sum (On UNIX/Linux) On Windows, see this knowledgebase article from Microsoft, https://support.microsoft.com/en-us/kb/889768 Then you compare your md5sum output with what the file author says it should be. If there is a match, you have the correct file and your download was OK, if not, something went wrong.
I actually solved it (it is one of CTF challanges). I figured out the file signature of the zip file, saved it and then generated the MD5 hash. Thanks
Hey I am stuck in kind of similar problem. Can you tell me how can you find signature of the zip file. I need to find the md5sum of the backdoor.
This will help https://crucialsecurity.wordpress.com/2011/02/24/extracting-files-from-packet-captures
