diff --git a/final/final.md b/final/final.md
index ae872df..f878ce6 100644
--- a/final/final.md
+++ b/final/final.md
@@ -199,6 +199,12 @@ To wrap up, I will create three MiTM style attacks that can be executed by the p
 
 This is a simple script found in [ttl.py](./scripts/ttl.py). The idea here is to modify all TTL (time-to-live) values in ipv4 and ipv6 packets passing through the pitap and set them to 65, if they are not already 65. This logic could be extended to include any known packet type which contains a TTL field. We also keep a tally of the number of packets modified
 
+Ultimetly, this script does the job. Here It runs for 2.5 seconds (in the span of this capture that is from 11.12 to 13.42). In this time, it sees 28 ip or ipv6 packets, only one of which already has a TTL of 65. For the rest, the TTL is modified to 65.
+
+The result is that for a brief period of the wireshark capture while I have the RTSP stream running, 28 packets come up in a filter in traffic to the reolink device with a ttl of 65.
+
+![ttl](./photos/attack/ttl.png)
+
 #### 6b.
 
 #### 6c.
\ No newline at end of file
diff --git a/final/photos/attack/ttl.png b/final/photos/attack/ttl.png
new file mode 100644
index 0000000..6c95f9a
Binary files /dev/null and b/final/photos/attack/ttl.png differ