picoCTF - Web Exploitation - Includes
Web Exploitation - Includes - writeup
description
Can you get the flag? Go to this website and see what you can discover.
writeup
OK, so I went ahead and visited the URL http://saturn.picoctf.net:52811/ in Firefox.
I am presented with a webpage with a bunch of text and a button that says “Say hello”.
Once I press that button I get a JavaScript alert() popup that says “This code is in a separate file!”
If I look at the source code of that button I see this:
|
|
So the button is calling a JavaScript function ‘greetings()’.
Let's take a look at that function.
Since the HTML code is including the JS code from a separate file:
|
|
We need to take a look at that file.
So once I point my browser at the address http://saturn.picoctf.net:52811/script.js I see the following JavaScript code:
|
|
The comment looks like a part of our flag!
There is also a CSS stylesheet ‘style.css’
|
|
Great! Here is our first part of the flag.
Let's put it together:
picoCTF{1nclu51v17y_1of2_f7w_2of2_3d50f001}
So the flag is:
picoCTF{1nclu51v17y_1of2_f7w_2of2_3d50f001}
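The flag parts above were sitting in comments inside files the page includes, which any visitor can request. As an added example (not part of the original writeup), this Node.js check lists every comment that would be served with a page and its included assets, so they can be reviewed or stripped before deployment; the site contents, the comment text and the function names are constructed for illustration.

```javascript
// Constructed sample site: a page plus the two assets it includes.
// File names mirror the writeup; the contents and comment text are made up.
const site = {
  "index.html": `<html><head>
    <link rel="stylesheet" href="style.css">
    <script src="script.js"></script>
  </head><body><button onclick="greetings()">Say hello</button></body></html>`,
  "style.css": `body { background: #eee; }
/* TODO remove: token part 1 = EXAMPLE_A */`,
  "script.js": `function greetings() {
  alert("This code is in a separate file!");
}
// token part 2 = EXAMPLE_B`,
};

// Collect the files a page pulls in via <script src=...> and <link href=...>.
function includedAssets(html) {
  const re = /<(?:script\b[^>]*\bsrc|link\b[^>]*\bhref)\s*=\s*["']([^"']+)["']/gi;
  return [...html.matchAll(re)].map((m) => m[1]);
}

// Extract comments: <!-- --> in HTML, /* */ in CSS and JS, // in JS only.
function comments(name, text) {
  const patterns = name.endsWith(".html")
    ? [/<!--[\s\S]*?-->/g]
    : [/\/\*[\s\S]*?\*\//g];
  // Heuristic: the lookbehind skips "//" inside URLs such as http://
  if (name.endsWith(".js")) patterns.push(/(?<!:)\/\/[^\n]*/g);
  return patterns.flatMap((re) => text.match(re) || []);
}

// Walk the entry page and every included asset present in `files`,
// returning one finding per comment that would reach the client.
function audit(files, entry) {
  const names = [entry, ...includedAssets(files[entry]).filter((n) => n in files)];
  return names.flatMap((file) =>
    comments(file, files[file]).map((comment) => ({ file, comment })));
}

for (const f of audit(site, "index.html")) {
  console.log(`${f.file}: ${f.comment}`);
}
```

The regular expressions are a quick heuristic and do not parse JavaScript strings; a build step that minifies assets removes such comments from what is served.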