picoCTF - Insp3ct0r Solution

picoCTF - Insp3ct0r Solution

Insp3ct0r Solution

This is the solution for picoCTF's Insp3ct0r web exploitation problem.

Screenshot 2024-04-12 at 12 34 40 AM

This problem was taken from the picoCTF 2021 and the solution will be discussed below. So proceed with caution.

This one is fairly straightforward.

Opening the link we are redirected to a website showing the following:

Screenshot 2024-04-12 at 12 38 24 AM

Investigating the site we naturally look at the source code. Right click the page and left click View Page Source in the browser.

Screenshot 2024-04-12 at 12 39 28 AM

Here we find out that the html part has the first part of the flag. Flag 1/3: picoCTF{tru3_d3

Screenshot 2024-04-12 at 12 39 28 AM

Looking at the How tab of the website it mentions that it used html, css, js to create the site.

Screenshot 2024-04-12 at 12 45 06 AM

We have seen the html part. Now let's look at the css part. Just open the mycss.css and myjs.js link in the source page we have opened before.

Screenshot 2024-04-12 at 12 43 30 AM

The second part of the flag can be found at mycss.css. Flag 2/3: t3ct1ve_0r_ju5t

Screenshot 2024-04-12 at 12 47 30 AM

The last part of the flag can be found at myjs.js. Flag 3/3: _lucky?f10be399}

Screenshot 2024-04-12 at 12 49 09 AM

Combining all the parts we get the full flag.

Flag: picoCTF{tru3_d3t3ct1ve_0r_ju5t_lucky?f10be399}

Until next time. Keep learning.

Stay stoked and code. :)

I hope you can voluntarily Buy Me A Coffee if you found this article useful and give additional support for me to continue sharing more content for the community. :)

Thank you very much. :)