Version
By |
Version |
Comment |
noraj |
1.0 |
Creation |
CTF
Description
Just put in the password for the flag! Link
Solution
- Display source code
CTRL + U
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
| </html>
<html> <head> <link rel="stylesheet" href="main.css"> <link href='https://fonts.googleapis.com/css?family=Inconsolata' rel='stylesheet' type='text/css'> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js"></script> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.97.6/css/materialize.min.css">
</head>
<body> <div class="row"> <div class="col l6 push-l3"> <center><h3 class="white-text">Web 1</h3><br><h3 class="white-text">Simple</h3></center> </div> </div> <div style="margin-top: 20%" class="row"> <div class="col l4 push-l4"> <form action="." method="post"> <h5 class="white-text">Password: </h5> <input type="password" name="password" required> <input id="submit" type="submit" value="Submit"> </form> </div> </div>
<div class="row"> <div class="col l4 push-l4" id="response-wrong"> </div> </div>
</body>
<script type="text/javascript" src="fade.js"></script>
</html>
|
- We get a string in comment that look like a hard-to-guess password
7xfsnj65gsklsjsdkj
- Try this password and the flag will appear
- ... but shortly because of the js:
fade.js
1 2 3
| $(document).ready(function(){ $("#response").fadeOut(2000); });
|
- Block it with NoScript or be quick!
- Flag:
ABCTF{insp3ct3d_dat_3l3m3nt}