Some Assembly Required 1 [PicoCTF]

Surya Dev Singh
3 min readJan 28, 2022

category: Web-Exploitation

Description :

http://mercury.picoctf.net:26318/index.html

on visiting the website, we got a very minimalistic UI interface :

viewing the source code of the website, we can see that there is one javascript file. let's try to visit that !!

there is obfuscated javascript, the code is very hard to read, although we can make the code readable, and try to figure out what code is doing, but it will take some time. now I found something more interesting and simple if we look at the network request when visiting the site, there is one strange-looking file being fetched.

now since we are dealing with web assembly :

the above file is a portable binary code file that is being loaded in a browser.

we can view the content of it, if readable :

and as you can see, there is a readable text string in the wasm file, which is our flag !!

picoCTF{8857462f9e30faae4d037e5e25fee1ce}

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

THANK YOU FOR READING MY WRITE-UP!! 👊👊

please support me by following me on medium :

you guys can subscribe to me 🙌on YouTube: I post walkthroughs and other ethical hacking-related videos there.

some of my other writeups are below :

--

--

Surya Dev Singh

enthusiast cyber security learner and penetration tester / ethical hacker , python programmer and in my free time you will find me solving CTFs