The Root of All Evil… OR… Adding Insult to Injury

Challenge:

Great news! Luciafer has been spotted at an internet cafe! She's using her laptop right now! We can catch her, if we act quickly.

We need your help. Can you figure out a way to remotely connect to her machine and capture the flag?

Her username on her system is luciafer, and her hostname is:
batescafe.deadface.io

Use the PCAP from Monstrum ex Machina

Solution:

We actually discovered the SSH Private Key required for this challenge while completing the A Warning challenge. When searching the PCAP for the string "you have been warned" the first result is for packet #160789. If you follow that TCP stream (#73228) an OpenSSH Private Key can be observed:

We extracted the key and used it to SSH into the host:

ssh -i luciafer.rsa luciafer@batescafe.deadface.io

A quick listing of the users home directory uncovered the flag file in the Downloads directory:

luciafer@9ea3f46188ae:~$ find .
.
./.bash_logout
./.profile
./.bashrc
./Videos
./Downloads
./Downloads/flag.txt
./Music
./Documents
./Pictures

luciafer@9ea3f46188ae:~$ cat Downloads/flag.txt

flag{Lucy-a-FUR-G0T-R3KT-by-the-BLUZers-CLUB!!!}