Includes
Name: Includes Description: Can you get the flag? Go to this website and see what you can discover. Author: LT 'syreal' Jones Tags: Easy, Web Exploitation, picoCTF 2022, inspector Challenge from: picoCTF 2022 Hints: 1. Is there more code than what the inspector initially shows?
Theory
According to the description, to get the flag we have to inspect the HTML of that website, we don't get any more info on it, so let's just go to the website already.
Solution
So we'll open the website, and theres a button huh:
Alright, there's an alert in JavaScript being executed from another file, so let's see the view source with Ctrl+U and see if there's something in there that could help us:
There are two links, let's go to the style.css first which is the file that does all the styling of HTML:
body {
background-color: lightblue;
}
/* picoCTF{1nclu51v17y_1of2_ */
Yay, that's first part of the flag, now let's look in the script.js, which is the one that executed that alert before:
function greetings()
{
alert("This code is in a separate file!");
}
// f7w_2of2_b8f4b022}
Now that we have both parts of the flag, let's just join them, and we get this:
picoCTF{1nclu51v17y_1of2_f7w_2of2_b8f4b022}
There we go! That's the flag.
I rated this level as "good"! :3
https://play.picoctf.org/practice/challenge/274