Web Exploitation - Search Source - writeup

description

The developer of this website mistakenly left an important artifact in the website source, can you find it? The website is here

writeup

I was not able to find anything interesting on the website by just looking at the source code in the browser.

So let’s clone the website first using HTTrack so we can take a look at the full source.

1

httrack http://saturn.picoctf.net:64200/

Let’s use grep recursively to find the flag inside all of the files of the webroot.

1
2
3

grep -nr 'picoCTF*' .

./css/style.css:328:/** banner_main picoCTF{1nsp3ti0n_0f_w3bpag3s_3003ba70} **/

We found the flag inside the file css/style.css on line 328.

Flag:

1

picoCTF{1nsp3ti0n_0f_w3bpag3s_3003ba70}