search
githubEdit

Ancient History

hashtag
Problem

I must have been sleep hacking or something, I don't remember visiting all of these sites... http://mercury.picoctf.net:45211/arrow-up-right (try a couple different browsers if it's not working right)

hashtag
Solution

  1. Visiting the website just shows "Hello World!", but viewing the source shows a lot of obfuscated JavaScript.

  2. The browser history shows that the JavaScript performs some redirects where the URL parameter is a single character of the flag.

  3. The issue is that visits to a page with the same character as the parameter are collapsed on the history page of modern browsers. So, let's try deobfuscating the code using JSNicearrow-up-right.

  4. Interestingly, the actual changes to the history (window.history.pushState) are made in the clear. Therefore, the obscuration is a meaningless distraction.

  5. Let's search the page HTML using a regular expression urlpath:.\/index\.html\?. and then combine the last character of all matches using a Python scriptarrow-up-right.

hashtag
Flag

picoCTF{th4ts_k1nd4_n34t_0b0a1adf}

PreviousTransformationNextBithug

Last updated