The flag is somewhere on this web application not necessarily on the website. Find it. Check this out.
Category: Web Exploitation
While the challenge’s title is indeed the name of a popular font, this is a clever pun, hinting towards the main target of the challenge: the
robots.txt is a file used to manage web crawlers’ access to a website. You can learn more about it here.
Back to the challenge, you can easily access the file in question by adding
/robots.txt to the site’s url. In this case, it’d be
Some of the random-looking text are just gibberish, but
anMvbXlmaWxlLnR4dA== looks like
base64 encoded text.
Decoding this text gives us the text “js/myfile.txt”
Let’s view this file on the website by going to