Back to Walkthroughs
WebDecode
PicoCTF Web Exploitation [Easy]Easy

WebDecode

#tutorial

Challenge Description

image

Solution and Analysis

To start solving first spawn the instance and visit the website it provides, you will be greeted with the following page

image

Navigate to the above page and press CTRL+SHIFT+U to get the browser developer tools

image

In the source code you get this suspicious line

<section class="about" notify_true="cGljb0NURnt3ZWJfc3VjYzNzc2Z1bGx5X2QzYzBkZWRfMjgzZTYyZmV9">
   <h1>
    Try inspecting the page!! You might find it there
   </h1>
   <!-- .about-container -->
  </section>

Just take the value inside notify_true and decode it from base64 to get the flag! You can use a tool like CyberChef to do this

image