Open the downloaded file in Wireshark.
Okay lets see…….The Ceph protocol seems interesting (as there is some conversation in that protocol) .Let’s apply ceph filter.
Hmm…..Now scroll down a bit, on number 308 (that’s a huge one) . Let’s examine it.
After a few minutes of examining the packet I came across operation payload which seems interesting.
It looks like this is a png file. See the file signature (89 50 4e….) Its definitely an image.
Let’s export the image. Right click on operation payload and click Export Packet Bytes
Now save it as .png
This is the image you will get
Looks like this is the flag .