PicoCTF2022 - Secrets
Description
We have several pages hidden. Can you find the one with the flag? The website is running here.
Information
Point Value: 200 points
Category: Web Exploitation
Hints
- folders folders folders
Solution
We first do the same thing as we did in Search Source by cloning the entire website and searching for the flag within the files. However, we don't find anything, so the flag must be hidden somewhere. We go back and look at the original source code of the index.html file. We notice that there is a link on the bottom contained in the folder /secret/. Investigating this folder itself by going to the link, we see another subfolder named /hidden/. Again, we see on the top of a subfolder named /superhidden/, which finally reveals the flag. If the flag can't be seen, then view the source code for the page and then copy and paste the flag found in the source code.