Secrets Description We have several pages hidden. Can you find the one with the flag? The website is running here. Solving Visiting the website does not really help… but the hint tells that there are some folders. Because gobuster or other fuzzing tools in CTF is not really nice to the infrastructure I tested the usual things: robots.txt -> nothing
Search source Description The developer of this website mistakenly left an important artifact in the website source, can you find it? The website is here. Solving Downloading whole website via ‚wget –recursive http://saturn.picoctf.net:56849/‘ Then you coud easily grep the sourcefiles for the flag. #!/bin/bash echo "Downloading website…" wget –recursive http://saturn.picoctf.net:56849/ > /dev/null 2>&1 echo "Changing DIR Name…" mv saturn.picoctf.net:56849 website
Roboto Sans Description The flag is somewhere on this web application not necessarily on the website. Find it. Check this out. Solving Visit the website Digging in the sourcecode – nothing there Looking the low-hanging fruits robots.txt — this is interesting In the robots.txt there are some base64 encoded strings decoding it point us to ‚js/myfile.txt‘
Local Authority Description Can you get the flag? Go to this website and see what you can discover. Solving Downloaded website via ‚wget http://saturn.picoctf.net:50959/‘ Looked at the site – just a normal site with a login prombt. Looking at sourcecode. Action is calling ‚login.php‘ — downloading as well In ‚login.php‘ a ’secure.js‘ is included… downloading There is a password in
Inspect HTML Description Can you get the flag? Go to this website and see what you can discover. Solving Downloaded website via ‚wget http://saturn.picoctf.net:49609/‘ or inspect the website directly. Looked into the file via ‚vi‘. At the end is a comment with the flag. For flag use ‚./get_flag.sh‘ #!/bin/bash wget "http://saturn.picoctf.net:49609/index.html" grep -o "picoCTF{.*}" index.html rm -rf index.html
Includes Description Can you get the flag? Go to this website and see what you can discover. Solving The flag is hidden in the website… more or less. We have to look into the css and js file. Then we will find the flag! In the CSS file is part 1 of the flag and in the javascript file you
Forbidden Paths Description Can you get the flag? Here’s the website. We know that the website files live in ‚/usr/share/nginx/html/‘ and the flag is at ‚/flag.txt‘ but the website is filtering absolute file paths. Can you get past the filter to read the flag? Solving Open the site and you will see a form, where you can read files. Some
Torrent Analyze Description SOS, someone is torrenting on our network. One of your colleagues has been using torrent to download some files on the company’s network. Can you identify the file(s) that were downloaded? The file name will be the flag, like picoCTF{filename}. Captured traffic. Solving Loading the pcap file into wireshark and started looking at it. At the beginning
St3g0 Description Download this image and find the flag. Download image Solving Looking at the hint We know the end sequence of the message will be $t3g0. Okay, I did some google research with that $t3g0 and found an interessting article. Downloaded the script from the github repo run it with the image FLAG 🙂 #import libraries import sys import
Sleuthkit Intro Description Download the disk image and use mmls on it to find the size of the Linux partition. Connect to the remote checker service to check your answer and get the flag. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory. Download disk image Access checker program: nc