Extract readable txt from pcap file - strings data.pcap | less : Extracts all human-readable txt from binary file

Search login-related data - strings data.pcap | grep "<userid\password>"

: Username: _ Password (encoded): _ The ___ at the end is URL encoding for ==

Decode (terminal/analyzer tool) - echo " " | base64 -d

Last part; pls use your brain

ligma

ligma

ligma

ligma

Actually, encryption and encoding are 2 different things.

Important: This is not a flag, but a string!

omg i wasted 30min

Not obvious that the "flag" is the flag...

unfortunately... not a great challenge... the flag should be obvious when you see it not a random string...

HINT/ Guys, u searching about a password, not a flag

don't look for a Flag{}

Hint: Serach in TCP stream

post is a nice method

HINT: the encryption is a base64