RC3 CTF 2016: Who’s a Good Boy? (100 points)


Who’s a good boy?

You’re trying to see the cute dog pictures on ctf.rc3.club. But every time you click on one of them, it brings you to a bad gateway.


— Your friendly neighborhood webadmin


Let’s start by having a look at the website at the URL given in the description (https://ctf.rc3.club:3000/). At first sight, it seems to only load the same picture, repeating the pattern below:

Then, I saw that another image was requested through an additional GET request to the following URL:

As it said that “we’re getting there”, I first thought there would have been something on the other end of the link, which turned out to be a WordPress website. On second thought, this was outside the scope of the CTF environment, so hacking into there might not be a good idea.

Another look at the homepage showed the first part of the page looked like this:

If there was something on the page itself, it must be in the doge.css file that’s referenced here.

Let’s have a look at the file at https://ctf.rc3.club:3000/doge.css. The last part of the CSS file contained the following:

Gotcha! The flag is RC3-2016-CanineSS.

Lessons learned from this challenge: never skip the obvious.


Leave a Comment

Your email address will not be published.