- There is some interesting information hidden around this site http://mercury.picoctf.net:39491/. Can you find it?
- Author: madStacks
- Tags : picoCTF2021 , WebExploit
- Source: URL
This is also inspector concept , So i think inspect all pages and source of this website.Source attached from picoCTF
Step - 1 :
- Visiting the website, we right click and choose to view source code, getting the first third of the flag, included as a html comment: Result
- When i got the 1st part of flag in the 31 th line on Source Page
<!-- Here's the first part of the flag: picoCTF{t -->
Step - 2 :
- Then Inspect the site
Ctrl + Shift + Iand Click on the style editor - I got the Second pard of flag in 51 line on mycss.css
Step - 3 :
- Then i try to access the js file like
https://jupiter.challenges.picoctf.org/problem/9670/myjs.js /* How can I keep Google from indexing my website? */~ Which is the last line of the myjs.js- oh no there no flags are present.But hint is here.
- Now think that
which is used to index from google?
Step - 4:
How can I keep Google from indexing my website?~ which is robots.txt of the webpage .- So enter the link
http://mercury.picoctf.net:39491/robots.txt - The 3rd pard is here
Step - 5:
- Last line have hint for next flag
I think this is an apache server... can you Access the next flag?. - The file
.htaccesshave the access details , SO Enter thehttp://mercury.picoctf.net:39491/.htaccess - The 4th flag is gotted.
Step - 6:
- Then the next hint is
I love making websites on my Mac, I can Store a lot of information there - The information are stored in the .DS_Store
- So Search the link
http://mercury.picoctf.net:39491/.ds_store - There is the final flag.
