50 points
Category: Web Exploitation
Tags: #webexploitation #base64
Do you know how to use the web inspector? Start searching here to find the flag
Opening the supplied link and opening the web inspector, the sources for each page were examined for anything that may resemble a flag or flag in obfuscated form.
Navigating through the webpage navigation bar containing "Home", "About" and "Contact" the following was found within the source for about.html:
...
<section class="about" notify_true="cGljb0NURnt3ZWJfc3VjYzNzc2Z1bGx5X2QzYzBkZWRfZGYwZGE3Mjd9">
<h1>
Try inspecting the page!! You might find it there
</h1>
<!-- .about-container -->
</section>
...
The value for notify_true looks suspiciously like an encoded string.
Decoding using base64, decodes the flag :
$ echo "cGljb0NURnt3ZWJfc3VjYzNzc2Z1bGx5X2QzYzBkZWRfMjgzZTYyZmV9" | base64 -d
picoCTF{...........redacted.............}
Where the actual flag value has been redacted for the purposes of this write up.