The last challenge in Flare-On 8 was probably not harder than the ninth one, but it might have been the one I had the most fun attacking. In a mad rush to finish on time, I didn’t take great notes, so instead, I went back and solved it start to finish on YouTube.

Challenge

We have one final task for you. We captured some traffic of a malicious cyber-space computer hacker interacting with our web server. Honestly, I padded my resume a bunch to get this job and don’t even know what a pcap file does, maybe you can figure out what’s going on.

The archive (password “flare”) contains a PCAP file:

\$ file wizardcult.pcap
wizardcult.pcap: pcap capture file, microsecond ts (little-endian) - version 2.4 (Ethernet, capture length 262144)


Solving It

Full solution is on YouTube:

Flag: wh0_n33ds_sw0rds_wh3n_you_h4ve_m4ge_h4nd@flare-on.com