Roboto Sans

Challenge

The flag is somewhere on this web application not necessarily on the website. Find it. Check this out.

Solution

  1. Looking at robots.txt (http://saturn.picoctf.net:65352/robots.txt) shows the following:

User-agent *
Disallow: /cgi-bin/
Think you have seen your flag or want to keep looking.

ZmxhZzEudHh0;anMvbXlmaW
anMvbXlmaWxlLnR4dA==
svssshjweuiwl;oiho.bsvdaslejg
Disallow: /wp-admin/

  1. anMvbXlmaWxlLnR4dA== decodes to js/myfile.txt.

  2. Navigating to http://saturn.picoctf.net:65352/js/myfile.txt displays the flag.

Flag

picoCTF{Who_D03sN7_L1k5_90B0T5_718c9043}

PreviousnotedNextSQLiLite

Last updated