Open in app

Sign in

Write

Sign in

PicoCTF Challenge: “Where Are the Robots” Walkthrough

Rishikesh_khot
3 min readJun 16, 2024

--

Category : Web Exploitation

Level : Easy

Points : 100

Description :

Can you find the robots?

https://jupiter.challenges.picoctf.org/problem/56830/ (link)or

http://jupiter.challenges.picoctf.org:56830

Hint : What part of the website could tell you where the creator doesn’t want you to look?

Introduction :
Capture The Flag (CTF) challenges are an excellent way to sharpen your cybersecurity skills, and PicoCTF is one of the best platforms to do just that. One intriguing challenge you might encounter is “Where Are the Robots?” This task tests your ability to explore hidden parts of a website, which is a fundamental skill in web security. In this walkthrough, we’ll go through each step to solve this challenge and retrieve the flag.

Step-by-Step Walkthrough :

Step 1: Access the Challenge
The first step is to navigate to the challenge page on the PicoCTF website. The challenge name is “Where Are the Robots?” and you are provided with the following link:
[https://jupiter.challenges.picoctf.org/problem/56830/]

Step 2: Visit the Provided Link
Clicking on the link will redirect you to a new website. This is where the challenge begins. Below is an image of the landing page for reference.

Step 3: Follow the Hint
The hint provided with the challenge is, “What part of the website could tell you where the creator doesn’t want you to look?” This is a clue directing you to check the `robots.txt` file, which websites use to indicate parts of the site they want to be excluded from search engine indexing.

To view the `robots.txt` file, append `/robots.txt` to the URL:

https://jupiter.challenges.picoctf.org/problem/56830/robots.txt

Step 4: Discover the Hidden Path
Accessing the `robots.txt` file reveals the following content:

User-agent: *
Disallow: /1bb4c.html

This indicates that there is a hidden page located at `/1bb4c.html`.

Step 5: Access the Hidden Page
Next, append `/1bb4c.html` to the URL to navigate to the hidden page:

https://jupiter.challenges.picoctf.org/problem/56830/1bb4c.html

Upon visiting this page, you will find the flag.

Step 6: Submit the Flag
Copy the flag from the hidden page and submit it on the PicoCTF platform. Congratulations, you have solved the challenge!

Here is the flag :

picoCTF{ca1cu1at1ng_Mach1n3s_1bb4c}

Notes:
1. Avoid using tools like the Wayback Machine or Wappalyzer for this challenge, as they are unnecessary and might lead to confusion.
2. The `robots.txt` file is a key part of web enumeration, and understanding its purpose and usage is crucial for web security challenges.

Thanks for reading and Happy Hacking.

Picoctf
Web Exploitation

--

--

Rishikesh_khot

Written by Rishikesh_khot

4 Followers

Ethical Hacker, Penetration Tester, Cyber security

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams