PicoCTF 2021 Writeup: GET aHEAD
Challenge Description:
Find the flag being held on this server to get ahead of the competition http://mercury.picoctf.net:47967/
Hints:
1. Maybe you have more than 2 choices
2. Check out tools like Burpsuite to modify your requests and look at the responses
Solution:
Let’s start this challenge by looking at all the information we have. First off our Challenge Title is giving us a hint. “GET” and “HEAD” are both types of HTTP Request headers. Secondly, our hint is telling us to attempt to use Burpsuite to modify our requests.
With these two bits of information lets jump into the actual challenge. Open up the website provided and manipulate the options. Notice that there are only two options, RED or BLUE. It does not seem like we can do anything special so now let’s launch inspect (CTRL-SHIFT-I on Chrome) to check for any low hanging fruit. Checking sources shows us that there is only an HTML page that looks like this:
We dont see any plaintext flags or hints in the HTML. Gently skimming through the file, it appears that when you choose a button the website is sending either a “GET” or “POST” request. Check out this page to read more about HTTP requests.
From hint two, we know that BurpSuite may be helpful for manipulating the requests. Burpsuite is rather advanced, however it is a great tool. I will be publishing an article on Burpsuite Basics later.
For now we are going to be using Postman to send requests to the HTTP server. Open up Postman, select the request type and lets try “HEAD” (since it is in the challenge name), and finally paste in the URL as shown:
Sending this request will return two headers, click the headers tab below and you have your flag. Good luck!
Like this content? Subscribe to Medium for more!
