Hacking for n00bz – Level 2

In level 2, we see a broken image with an accompany text,

It seems like the image is broken..Can you check the file?

n00bz Level 2

By opening the image in a new tab, it displays the image in this link.

n00bz Level 2

Since it don’t seem like a valid image, let’s look around to see if there is other information hidden in the page source (again) or in the scripts. Apparently, there is a hidden script, “aW5mb3NlY19mbGFnaXNfd2VhcmVqdXN0c3RhcnRpbmc=”, you can easily identify it using Firebug, a very popular developer plugin in the Firefox web browser.

n00bz Level 2

Well, since there is a “=” symbol appended to the end of the string, based on experience, it is most likely a base64 encoded string. You can use any decoder tool to perform base64 decoding to identify the content, personally, I like to use Hackbar, also a plugin in the Firefox web browser.

After performing base64 decoding, you will get the flag, “infosec_flagis_wearejuststarting”.

Back to write-up list for InfoSec Institute CTF #1: Hacking for n00bz

Advertisements

One thought on “Hacking for n00bz – Level 2

Leave a Message

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s