This is from the 0xL4ugh CTF.
For this challenge we are given a mildly cryptic description:
do you know … i have secret organization called sad can’t anyone access it by any browser and you should be sad to access and decode anything in your bad life link : http://168.61.3.216/sad_agent/ author : Sad Coder
When I go to the link, I get this page:
When I click the “chek” button, I get some information…
This tell me that the browser’s user agent property is important. Referring back to the challenge text, I believe I need to change my browser’s user agent property to “sad”, so I do this in Chrome’s Developer Tools…
After doing this, I click the “chek” button again and get better results. (I highlighted the black text that is over the black background).
Looking at the resulting source code, I see a strange value for a form input field.
Seeing the makeup of the value, I think it might be base64, so I decode it to…
Interesting! The page appears to take commands through this base64 encoded field. To do a POC, I encode a different command to see what it does…
I see that I get something different. Let’s go for the flag using:
show_source("index.php");
BINGO! The flag was imbedded in the PHP code.
This was a fun challenge. Thank you to Sad Coder. Hopefully you can find some happiness in this writeup!