qaStaH nuq

Category: Forensics | Difficulty: Easy

We get .pcap file. I opened it with wireshark and see through dns, icmp and http. In http we found that we got the flag.txt file. We also see payload behind it and it was the flag encrypted in base64.