Web Decode | picoCTF
Hello guys! Today, I’m diving into a PicoCTF challenge called Web Decode. Let’s see how we can crack this one and learn something cool along the way. Stay tuned!
Hints:
1. Use the web inspector on other files included by the web page.
2. The flag may or may not be encoded
Challenge link: https://play.picoctf.org/practice/challenge/427
Solution :
Manually investigate the web site :
Browse to the web site and you will see a web page with the message "Ha!!!!!! You looking for a flag?".
On the page, right-click and select 'View page source' (or press CTRL + U) to get the HTML-source of the page
Nope, nothing interesting here apart from several messages telling us to keep searching...
But there are more pages, like the about.html page which contains
Theline<sectionclass="about" notify_true="cGljb0NURnt3ZWJfc3VjYzNzc2Z1bGx5X2QzYzBkZWRfMWY4MzI2MTV9"> looks interesting.
It seems to contain the flag in encoded form.
Get the flag
There are no padding characters (=) at the end but the string looks like it could be base64-encoded.
We can decode it with the builtin linux tool base64 like this
0 Response to "Web Decode | picoCTF"
Posting Komentar