Okay so this is the first challenge in the Hacker101 CTF. Not much of a challenge at all, but it does give us points and we do like points.
There’s not much in here, looks like a simple welcome message. First step, always check the source code.
Still not much in there. Only 15 LoC, including the empty lines…
To hack an application, one must interact with it. The only thing we seem to be able to interact with is the background.png in the style tag. Let’s directly access it.
Bam flag found! It was indeed trivial.
Lessons learned
- Work with what you’re given
- Don’t leave any rocks unturned
- Don’t get fooled by file extensions