Write-up author : jon-brandy
Can you find the robots? https://jupiter.challenges.picoctf.org/problem/60915/
or http://jupiter.challenges.picoctf.org:60915
What part of the website could tell you where the creator doesn't want you to look?
- We can try to check hidden file(s) inside the website using tools that are similiar to
dirbuster
andgobuster
. It is calledDIRB
. - Try to run the command
dirb https://jupiter.challenges.picoctf.org/problem/60915/ -X .txt
.-X
means extension, so basically from the command means we want to check are there any file(s) hidden in this website that has the.txt
extension. - Then click enter.
- This might be took a few minutes.
- Finally we got this output:
- From the output we got information, that there is a
robots.txt
file inside the website. - Try to change the url to
https://jupiter.challenges.picoctf.org/problem/60915/robots.txt
. - Then the page changed to this:
- The last step, try to change the url using the Disallow mentioned.
/8028f.html
->https://jupiter.challenges.picoctf.org/problem/60915/8028f.html
- Finally, we can see the flag.
picoCTF{ca1cu1at1ng_Mach1n3s_8028f}