PicoCTF2022 - Search Source
Description
The developer of this website mistakenly left an important artifact in the website source, can you find it? The website is here.
Information
Point Value: 100 points
Category: Web Exploitation
Hints
- How could you mirror the website on your local machine so you could use more powerful tools for searching?
Solution
Open the link. Right-click anywhere on the page and click "View Page Source". We see immediately that the source is very large and contains many sublinks, so we want a better way to comb through each file to find the flag. We open a terminal and first run the command

    wget -r -p http://saturn.picoctf.net:52523/

where wget retrieves content from web servers (World Wide Web -- get). The option -r stands for recursive and specifies a recursive download, and -p stands for page-requisites and gets all images, etc. needed to display the HTML page. From here, we run the command

    grep -r -F "picoCTF" .

where grep searches plain-text files for lines that match a regular expression (global regular expression print). The option -r similarly stands for recursive and specifies a recursive search, and -F searches for the pattern as simple (fixed) text. The output of the terminal gives the following:

    jackwin@COMPUTER saturn.picoctf.net:52523 % grep -r -F "picoCTF" .
    ./css/style.css:/** banner_main picoCTF{1nsp3ti0n_0f_w3bpag3s_ec95fa49} **/

so we know that the flag is found in the style.css page (we can check this by viewing the original page source of the website and navigating to css/style.css and finding the line containing the flag). Copy and paste the flag displayed in the output.
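The same recursive search, turned around for the site owner: an added example (not part of the original write-up) that audits a static site tree for artifacts left in comments before it is published. The function names, patterns and sample files are assumptions constructed for this illustration.

```sh
#!/bin/sh
# Added example: pre-publish audit of a static site tree for artifacts
# left in comments. All file names and contents below are constructed.

# Print file:line:text for every suspicious line under DIR.
scan_tree() {
    # -r recurse, -n line numbers, -I skip binaries, -E extended regex
    grep -rnIE \
        --include='*.html' --include='*.css' --include='*.js' \
        -e 'picoCTF\{[^}]*\}' \
        -e '(<!--|/\*).*(password|secret|api[_-]?key|token)' \
        "$1" || true   # grep exits 1 on "no match"; that is not an error here
}

# Return 0 when the tree is clean, 1 when anything was flagged.
audit_site() {
    hits=$(scan_tree "$1")
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Build a small constructed site: one clean page, one stylesheet with a
# leftover comment like the one in this challenge, one script with a note.
make_demo() {
    d=$(mktemp -d)
    mkdir -p "$d/css" "$d/js"
    printf '<html><body><h1>Welcome</h1></body></html>\n' > "$d/index.html"
    printf '.banner_main { color: red; }\n/** banner_main picoCTF{constructed_example} **/\n' > "$d/css/style.css"
    printf '/* TODO remove: api_key=CONSTRUCTED */\nvar x = 1;\n' > "$d/js/app.js"
    printf '%s\n' "$d"
}

demo=$(make_demo)
if audit_site "$demo"; then
    echo "clean"
else
    echo "artifacts found: remove them before publishing"
fi
rm -rf "$demo"
```

Run as a build or deploy step, a non-zero return from audit_site can block publication until the flagged comments are removed.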