Description: Connaissez-vous bien le format PCAPng ?
Comments dispersed in HTTP packets allow us to reconstruct the flag.
We start by opening our pcapng with Wireshark and fly over the packets quickly. After a while we notice that there is an interesting comment in a HTTP packet.
We will look in the capture for other packages with comments. It happens that there are others and they lead us to the flag!
All we have to do is reconstruct the flag.