On this challenge we are faced with a somewhat cryptic description and an IP address:
If we access that IP address on a browser we see this:
My first thought is to analyze the site with the Developer Tools. In Firefox and Chrome you can access this by hitting F12.
Not much is revealed until we check the Storage tab and we look at the cookie provided by the site:
I think I recognize the Value of this cookie as a good candidate for a base64 encoded string. I proceed to visit Base64Decode and attempt to decode the string. We obtain this curious text:
This looks promising! It could be a flag although it lacks the CTT{} formatting of this event’s flags. But, unsurprisingly, this string is rejected as the flag. Try harder!
Well here we are talking about space and a huge flying rock. I would call that an asteroid. What if we input asteroid as our cookie value? Will we ‘denotate’ the challenge? *wink*
First we encode the string asteroid using Base64Encode to obtain this:
We change the Value of our cookie so it looks like this:
We reload the page and.. eureka!
What a blast!
Special thanks to Capture The Talent for the initiative and the great fun!