Foggy Intrusion

SOLUTION

Open pcap file with Wireshark, search for HTTP and we can see some POST method, follow them.

We can see lots of base64 strings. What we need to do is decode all of the outputs (blue text) to find the flag.

Extract all strings and decode the content using Cyberchef applying Fork + From base64 + Raw inflate operations.