ctf.hacker101 — A little something to get you started
We are starting our exercise with GO option at the end of the exercise title on https://ctf.hacker101.com/ctf
We are seeing just a simple text. “Welcome to level 0. Enjoy your stay.”
First of all, we reviewed the code structure by F12 or Inspect (CTRL+SHIFT+I) option on mouse right click.
When we examine the code structure, HTML coding is seein as below
<html>
<head>
<style class="vjs-styles-defaults">
.video-js {width: 300px;height: 150px;}
.vjs-fluid {padding-top: 56.25%}
</style>
<style>
body {
background-image: url("background.png");
}
</style>
</head>
<body>
<p>Welcome to level 0. Enjoy your stay.</p>
</body>
</html>It doesn’t seem to make any sense, but background-image: url (“background.png”); gives us the clue, what we are looking for.
When we start practicing, we understand that it has a directory structure from the address of the site.
We check the folder structure is open by deleting the part at the end of the address. We could not access folder directory.
At this point, we add background.png at the end of the address. Because of the code review, background image has an URL, which shows us a different redirect on the site.
RESULT: The flag was captured.
