We are given a packet capture and the remote service asks us for a valid token:
Please provide a valid token:
So the goal is probably to recover that token from the captured traffic. Opening the capture in Wireshark and looking through the protocols shows plain HTTP traffic. Filtering for HTTP requests quickly gives us a login request:
POST /login HTTP/1.1
Host: 127.0.0.1:1024
Content-Type: application/x-www-form-urlencoded
Cookie: token="MhhWhatToken??"
token=0bf77fce4af7f09d7937b59b5dfe8ce4c018ea14cd3b363d12ddc7c670ca045313aa6156b40273390e43e6128d32b993742f09d1cea1db3e3837f6082d3e6932
The response even sets the same token as a cookie:
HTTP/1.1 200 OK
Set-Cookie: token=0bf77fce4af7f09d7937b59b5dfe8ce4c018ea14cd3b363d12ddc7c670ca045313aa6156b40273390e43e6128d32b993742f09d1cea1db3e3837f6082d3e6932; Path=/
Thx for your request! Please go <a href='/'>home</a> now!
Submitting this token to the remote service gives us the flag:
Welcome to the CSCG Flag Service serving some flags: CSCG{sn00py_sn00p_w1th_w1reshark!}