Your friend assures you that you cannot retrieve confidential information that passes through his network. He is so confident that he gives you access to his LAN via a host that you control.

The flag is the concatenation of the response to a network query, along with the database password, in the following form: reponse:db_password.

• Start the CTF-ATD "ARP Spoofing EcouteActive"
• Log in with SSH on the machine port 22222 (root:root)
• There is no validation of the virtual environment with a /passwd

Do not hesitate to change the password of the root user in order to be alone on the machine to perform your manipulations.