Duy's Tinkerings

picoCTF 2022 | Search Source Write-up

Challenge description

The developer of this website mistakenly left an important artifact in the website source, can you find it? The website is here

Category: Web Exploitation

Solution

The flag is located in a comment in the style.css file. You can get lucky while manually looking for it while inspecting the source.
But, the better solution is to clone the website and then look locally using more powerful search tools. I cloned the site with the wget -rpk command.
I initially found the flag using my text editor’s search function:

You can also accomplish the same thing using grep:

Just remember to include the -r option so grep looks recursively through your files

Leguminosae

April 9, 2022

ctf, picoCTF, picoCTF 2022

picoCTF, picoCTF 2022, Web Exploitation

Leave a Reply Cancel reply

Enter your comment here…

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

picoCTF 2022 | Search Source Write-up

Challenge description

Solution

Share this:

Like this:

Leave a Reply Cancel reply