Insp3ct0r | Mar 3, 2023
Introduction
Welcome to my another writeup! In this picoGym challenge, you’ll learn: Inspecting HTML! Without further ado, let’s dive in.
- Overall difficulty for me (From 1-10 stars): ★☆☆☆☆☆☆☆☆☆
Background
Author: zaratec/danny
Description
Kishor Balan tipped us off that the following code may need inspection:
https://jupiter.challenges.picoctf.org/problem/44924/ (link) or http://jupiter.challenges.picoctf.org:44924
Enumeration
Home page:
Pretty empty.
Let’s view source page:
[...]
<head>
<title>My First Website :)</title>
<link href="https://fonts.googleapis.com/css?family=Open+Sans|Roboto" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="mycss.css">
<script type="application/javascript" src="myjs.js"></script>
</head>
[...]
<!-- Html is neat. Anyways have 1/3 of the flag: picoCTF{tru3_d3 -->
[...]
In here, we found the first 3 parts of the flag: picoCTF{tru3_d3.
In the <head> element, we also see that there are 2 files are being imported: mycss.css, myjs.js.
mycss.css:
[...]
#tabintro { background-color: #ccc; }
#tababout { background-color: #ccc; }
/* You need CSS to make pretty pages. Here's part 2/3 of the flag: t3ct1ve_0r_ju5t */
myjs.js:
[...]
window.onload = function() {
openTab('tabintro', this, '#222');
}
/* Javascript sure is neat. Anyways part 3/3 of the flag: _lucky?f10be399} */
We found all 3 parts!
- Flag:
picoCTF{tru3_d3t3ct1ve_0r_ju5t_lucky?f10be399}
What we’ve learned:
- Inspecting HTML