Category — Web Exploitation
Level — Easy
Challenge URL — picoCTF — picoGym Challenges
Welcome! It is time to look at the Challenge “Unminify” on picoCTF. I am making these walkthroughs to keep myself motivated to learn cyber security and ensure that I remember the knowledge gained by playing picoCTF Challenges.
Join me on learning cyber security. I will try and explain concepts as I go, to differentiate myself from other walkthroughs.
About Challenge — The challenge is an easy Web Exploitation challenge. Let’s start!
Let’s start! Launch Instance.
The website for the challenge.
I know that the challenge involves using inspect tab. This means that it is likely that we are supposed to find the flag hidden in the code of the website. Thus, I used the search tool on the website and searched for the flag.
See the contents of the page.
http://titan.picoctf.net:53517/First, let’s try viewing the page source of the website that opened by pressing CTRL+U.
After reviewing the code, it appears that the flag is hidden there.
Ok! We found The FLAG in view-source.
<!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>picoCTF - picoGym | Unminify Challenge</title><link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png"><style>body{font-family:"Lucida Console",Monaco,monospace}h1,p{color:#000}</style></head><body class="picoctf{}" style="margin:0"><div class="picoctf{}" style="margin:0;padding:0;background-color:#757575;display:auto;height:40%"><a class="picoctf{}" href="/"><img src="picoctf-logo-horizontal-white.svg" alt="picoCTF logo" style="display:inline-block;width:160px;height:90px;padding-left:30px"></a></div><center><br class="picoctf{}"><br class="picoctf{}"><div class="picoctf{}" style="padding-top:30px;border-radius:3%;box-shadow:0 5px 10px #0000004d;width:50%;align-self:center"><img class="picoctf{}" src="hero.svg" alt="flag art" style="width:150px;height:150px"><div class="picoctf{}" style="width:85%"><h2 class="picoctf{}">Welcome to my flag distribution website!</h2><div class="picoctf{}" style="width:70%"><p class="picoctf{}">If you're reading this, your browser has succesfully received the flag.</p><p class="picoCTF{pr3tty_c0d3_622b2c88}"></p><p class="picoctf{}">I just deliver flags, I don't know how to read them...</p></div></div><br class="picoctf{}"></div></center></body></html>I simply used
curlin my terminal, and I saw the flag.
Flag - picoCTF{pr3tty_c0d3_622b2c88}I hope you enjoyed this writeup! Happy Hacking :)
Subscribe to me on Medium and be sure to turn on email notifications so you never miss out on my latest walkthroughs, write-ups, and other informative posts.
Follow me on below Social Media:
- LinkedIn: Reju Kole
2. Instagram: reju.kole.9
3. Respect me On HackTheBox! : Hack The Box :: User Profile
4. Check My TryHackMe Profile : TryHackMe | W40X
5. Twitter | X : @Mr_W40X
6. GitHub : W40X | Reju Kole | Security Researcher
incase you need any help feel free to message me on my social media handles.
