search

Nobody loves me

Security Summer School

Info
Details

Category

Web Exploitation

Difficulty

Easy

hashtag
Challenge Overview

We've got a very user-friendly website, but we don't care, we don’t find the flag here.

Analyzing the page source, at the very bottom, we see this:

<script>
	function ernqsvyr() {
		$.ajax({
			url: './ernq-svyr.php',
			dataType: "text",
			success: function(data){
				console.log(data);
			}
		});
	}
</script>

We obtain that URL path. When we add that to the base link, we're redirected to a site where we simply get the flag in our face.

The key in this type of challenge is not to discourage yourself when you see a lot of text. Just check important things like the top, the bottom, main.js, etc.

hashtag
Final Flag

SSS{did_y0u_just_c4ll_m3_h3r3_qu3sti0n_m4rk}

made by k0d

PreviousTraverse universeNextMind your own business

Last updated