Some Assembly Required 1 [PicoCTF]

category: Web-Exploitation

Description :

http://mercury.picoctf.net:26318/index.html

on visiting the website, we got a very minimalistic UI interface :

viewing the source code of the website, we can see that there is one javascript file. let's try to visit that !!

there is obfuscated javascript, the code is very hard to read, although we can make the code readable, and try to figure out what code is doing, but it will take some time. now I found something more interesting and simple if we look at the network request when visiting the site, there is one strange-looking file being fetched.

now since we are dealing with web assembly :

the above file is a portable binary code file that is being loaded in a browser.

we can view the content of it, if readable :

and as you can see, there is a readable text string in the wasm file, which is our flag !!

picoCTF{8857462f9e30faae4d037e5e25fee1ce}

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

THANK YOU FOR READING MY WRITE-UP!! 👊👊

please support me by following me on medium :

Surya Dev Singh - Medium

you guys can subscribe to me 🙌on YouTube: I post walkthroughs and other ethical hacking-related videos there.

Kryolite Security

some of my other writeups are below :

Mr.Robot CTF[TryHackMe]

ARMssembly 0 [picoCTF]

Year of the Fox [Tryhackme]

Simple CTF

Subdomain Enumeration [TryHackme + Intro To Web Hacking]