Tags: reverse 

Reversing the logic of the executable reveals the communication process between the client and the server.
1. Each time the client sends a msg to the server, it generates a clientSessionKey and uses it to encrypt the msg; the encryption algorithm is XOR. The ciphertext1 is xor(msg, clientSessionKey), and it is base64 encoded before being sent to the server.
2. When the server receives the ciphertext from the client, it first base64 decodes it, then generates a serverSessionKey and encrypts the ciphertext with it. The ciphertext2 is xor(ciphertext1, serverSessionKey). The server sends ciphertext2 back to the client.
3. The client encrypts ciphertext2 with clientSessionKey again and sends it to the server. The ciphertext3 is xor(ciphertext2, clientSessionKey).

So we can summarize the communication.
1. c1 = msg ^ clientSessionKey
2. c2 = c1 ^ serverSessionKey = msg^clientSessionKey^serverSessionKey
3. c3 = c2 ^ clientSessionKey = msg^clientSessionKey^serverSessionKey^clientSessionKey = msg^serverSessionKey

So if we know c1, c2 and c3, we can calculate c1^c2^c3 = msg (each key appears twice and cancels, and msg appears three times, which leaves one copy). We can extract c1, c2 and c3 from the given pcap, where they are base64 encoded, and thus recover every message between client and server. The flag is just in the messages.
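Added example (not from the original writeup) that reproduces the three-pass XOR exchange above with constructed session keys and recovers the plaintext from the three base64 messages a passive observer would see on the wire; the function names and the sample flag value are mine.

```python
import base64
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the protocol's only 'cipher')."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def simulate_exchange(msg: bytes, client_key: bytes, server_key: bytes) -> list[str]:
    """Reproduce the three messages of the exchange as they appear on the wire,
    i.e. base64 strings of c1, c2 and c3 (constructed keys stand in for the
    per-message session keys the binary generates)."""
    c1 = xor_bytes(msg, client_key)   # client -> server: msg ^ clientSessionKey
    c2 = xor_bytes(c1, server_key)    # server -> client: c1 ^ serverSessionKey
    c3 = xor_bytes(c2, client_key)    # client -> server: c2 ^ clientSessionKey
    return [base64.b64encode(c).decode() for c in (c1, c2, c3)]


def recover_message(b64_c1: str, b64_c2: str, b64_c3: str) -> bytes:
    """Recover msg = c1 ^ c2 ^ c3 without knowing either session key.
    Both keys appear twice and cancel; msg appears three times, leaving one copy."""
    c1, c2, c3 = (base64.b64decode(s) for s in (b64_c1, b64_c2, b64_c3))
    return xor_bytes(xor_bytes(c1, c2), c3)


def recover_all(captured: list[tuple[str, str, str]]) -> list[bytes]:
    """Apply the recovery to every (c1, c2, c3) triple pulled from a capture."""
    return [recover_message(*triple) for triple in captured]


if __name__ == "__main__":
    # Constructed sample: fresh random keys per message, as the protocol does.
    msg = b"flag{constructed_example}"
    ck, sk = os.urandom(len(msg)), os.urandom(len(msg))
    print(recover_message(*simulate_exchange(msg, ck, sk)))
```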