http://mercury.picoctf.net:1270/
After going to the link from a browser it shows a GIF that says
Only people who use the official PicoBrowser are allowed on this site!
Sending a request using wget with different user agents, I found that the user agent PicoBrowser is allowed.
wget http://mercury.picoctf.net:1270/ -U PicoBrowser
From this request I get an HTML page that says:
I don't trust users visiting from another site.
So I read up on Referer and found that the Referer header allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained.
I added the Referer header to the request.
wget http://mercury.picoctf.net:1270/ -U PicoBrowser --header='Referer: http://mercury.picoctf.net:1270/'
The HTML from this request shows the message
Sorry, this site only worked in 2018
It means that the site will work with a Date header of 2018. So I added the Date header to the request.
wget http://mercury.picoctf.net:1270/ -U PicoBrowser --header='Referer: http://mercury.picoctf.net:1270/' --header='Date: Sun, 01 Jan 2018 00:00:00 GMT'
The HTML from this request shows the message
I don't trust users who can be tracked
So, I sent the request with the DNT header.
wget http://mercury.picoctf.net:1270/ -U PicoBrowser --header='Referer: http://mercury.picoctf.net:1270/' --header='Date: Sun, 01 Jan 2018 00:00:00 GMT' --header='DNT: 1'
After this request the HTML shows the message
This website is only for people from Sweden.
So to make the request appear as if it is from Sweden, I used the X-Forwarded-For header with a Swedish IP address.
wget http://mercury.picoctf.net:1270/ -U PicoBrowser --header='Referer: http://mercury.picoctf.net:1270/' --header='Date: Sun, 01 Jan 2018 00:00:00 GMT' --header='DNT: 1' --header='X-Forwarded-For:85.24.171.84'
Now the response HTML shows the message
You're in Sweden but you don't speak Swedish?
So I used the Accept-Language header to make the request appear as if it is from Sweden and the language is Swedish.
wget http://mercury.picoctf.net:1270/ -U PicoBrowser --header='Referer: http://mercury.picoctf.net:1270/' --header='Date: Sun, 01 Jan 2018 00:00:00 GMT' --header='DNT: 1' --header='X-Forwarded-For:85.24.171.84' --header='Accept-Language:sv-SE'
After this request the HTML shows the flag.
picoCTF{http_h34d3rs_v3ry_c0Ol_much_w0w_f56f58a5}