PicoCTF Web Exploitation [Easy]Easy
Bookmarklet
#tutorial
Challenge Description
Solution and Analysis
To start the challenge first spawn the instance and visit the website it provides, you will get the following page
We get the js code in that page
javascript:(function() {
var encryptedFlag = "àÒÆÞ¦È¬ëÙ£ÖÓÚåÛÑ¢ÕÓÓÇ¡¥Ìí";
var key = "picoctf";
var decryptedFlag = "";
for (var i = 0; i < encryptedFlag.length; i++) {
decryptedFlag += String.fromCharCode((encryptedFlag.charCodeAt(i) - key.charCodeAt(i % key.length) + 256) % 256);
}
alert(decryptedFlag);
})();
To get the flag just copy the code from the function() keyword till the ; and run it in the browser console as shown to get the flag