# Ancient History ## Problem > I must have been sleep hacking or something, I don't remember visiting all of these sites... (try a couple different browsers if it's not working right) ## Solution 1. Visiting the website just shows "Hello World!", but viewing the source shows a lot of obfuscated JavaScript. 2. The browser history shows that the JavaScript performs some redirects where the URL parameter is a single character of the flag. 3. The issue is that visits to a page with the same character as the parameter are collapsed on the history page of modern browsers. So, let's try deobfuscating the code using [JSNice](http://jsnice.org/). 4. Interestingly, the actual changes to the history (`window.history.pushState`) are made in the clear. Therefore, the obscuration is a meaningless distraction. 5. Let's search the page HTML using a regular expression `urlpath:.\/index\.html\?.` and then combine the last character of all matches using a Python [script](https://github.com/HHousen/PicoCTF-2021/blob/master/Web%20Exploitation/Ancient%20History/script.py). ### Flag `picoCTF{th4ts_k1nd4_n34t_0b0a1adf}`