i was trying to complete a challenge on olicyber.it, i was asked to obtain a flag from a conversation in tcp.
with wireshark i obtained this: 1f8b0800710360620003edd1410ac2301085e1ac3d45bc80cc34895d2b788e1084ba110b698416e9dd0d821b115d1511fe6ff30666f398e9cee9b42963310b926aebfd23abd714f162d437ae4e1aa435a2daa8182b4b967aba0e25656b4deefb8f47f8b6ff535dfdff6d3f1517e26
(im not sure if it contains the flag but it was the only packet with the data ) when i try to convert from Hex with CyberChef it tels me that is a gzip. but when i try to gunzip it does not work.
how can i convert it?
You have only the first hundred or so bytes of what is a larger tar.gz file. Possibly much larger. The first file, for which even the header is not complete in what was provided, is called "flag.txt".
You would need to accumulate the remaining packets after that, and then use tar to extract the files.