The shark won't bite you. Don't worry, it's wired!
We get pcap file with some HTTP transmission. Using Wireshark we can extract flag.zip file, which is secured by password.
When we take a look closer at one of HTTP request and response, we find HTTP Basic Authorization header:
GET /flag.zip HTTP/1.1
Host: 192.168.1.41:8080
Connection: keep-alive
Authorization: Basic ZmxhZzphenVsY3JlbWE=
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36
DNT: 1
Referer: http://192.168.1.41:8080/
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,ht;q=0.6
HTTP/1.0 200 OK
Server: servefile/0.4.4 Python/2.7.10
Date: Fri, 13 Nov 2015 18:41:09 GMT
Content-Length: 222
Connection: close
Last-Modified: Fri, 13 Nov 2015 18:41:09 GMT
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="flag.zip"
Content-Transfer-Encoding: binary
PK..
.....x.mG....(...........flag.txtUT ...-FV.-FVux..............;......q.........9.....H.!... >B.....+:PK......(.......PK....
.....x.mG....(.........................flag.txtUT....-FVux.............PK..........N...z.....
Base64-encoded credentials (ZmxhZzphenVsY3JlbWE=) are flag:azulcrema Password is valid for flag.zip and we can get flag.txt file with the flag:
IW{HTTP_BASIC_AUTH_IS_EASY}