0xL4ugh CTF: Web: Sad_Agent (200)

This is from the 0xL4ugh CTF.

For this challenge we are given a mildly cryptic description:

do you know … i have secret organization called sad can’t anyone access it by any browser and you should be sad to access and decode anything in your bad life link : http://168.61.3.216/sad_agent/ author : Sad Coder

When I go to the link, I get this page:

When I click the “chek” button, I get some information…

This tell me that the browser’s user agent property is important. Referring back to the challenge text, I believe I need to change my browser’s user agent property to “sad”, so I do this in Chrome’s Developer Tools…

After doing this, I click the “chek” button again and get better results. (I highlighted the black text that is over the black background).

Looking at the resulting source code, I see a strange value for a form input field.

Seeing the makeup of the value, I think it might be base64, so I decode it to…

Interesting! The page appears to take commands through this base64 encoded field. To do a POC, I encode a different command to see what it does…

I see that I get something different. Let’s go for the flag using:

show_source("index.php");

BINGO! The flag was imbedded in the PHP code.

This was a fun challenge. Thank you to Sad Coder. Hopefully you can find some happiness in this writeup!