- Resource: NahamCon CTF 2020
- CTF Name: Localghost
- Points: 75
- Category: Web
Note::: This CTF is expired and no longer live so flags will be posted.
Flag1
Hint
- BooOooOooOOoo! This spooOoOooky client-side cooOoOode sure is scary! What spoOoOoOoky secrets does he have in stooOoOoOore??
- Note, this flag is not in the usual format.
Acquired By:
Step 1. General Look Around
When first looking at this page nothing really seems evident. If you scroll down then more ghosts are added to the page almost endlessly and the script doesn't appear helpful either.
There is an odd note in the Console Log that I haven't seen before...
Intercom
Array [ "Intercom" ]
undefined
This hint has to do with the first hint about client side code.
Client side code is code that runs in your browser, generally JavaScript, that will be "processed on the client machine and the HTML page will NOT perform a PostBack to the web-server. Traditionally, client-side scripting is used for page navigation, data validation and formatting." (1)
Step 2. How is this information helpful?
Now that I know that it is dealing with client side code I can dive into looking up information about Intercom and how it works.
** EDIT ** Turns out this was a rabbit hole.
As I was researching Intercom I started looking at the Javascript code that was being loaded and saw a bunch of Hex code in the jquery.jscroll2.js file.
Step 3. Decode the Hex
Now that I have a bunch of Hex I simply take it all over to a decoder and let it decode it for me.
Step 4. The Flag
Now that the flag is there I can see that it is being loaded in localStoreage by the code just after the flag that is "setItem","localStorage"
. Now that I know it's in localStorage I am not going to waste any time trying to decode it but instead see what's in the LocalStorage and there it is.
Learned
This flag showed me some interesting stuff about Intercom but really it taught me to check out some of the more obvious places first. LocalStorage and SessionStorage and fairly common places to store user data.
Top comments (0)