picoCTF 2021 GET aHEAD Writeup

GET aHEAD is a Web Exploitation challenge worth 20 points.

The description of this challenge is:

Find the flag being held on this server to get ahead of the competition

The challenge name gives a hint, capitalizing GET and HEAD, which are HTTP methods. Using the HEAD method yields the flag:

% curl -I HEAD http://mercury.picoctf[.]net:15931/
curl: (6) Could not resolve host: HEAD
HTTP/1.1 200 OK
flag: picoCTF{lol_redacted}
Content-type: text/html; charset=UTF-8

One thought on “picoCTF 2021 GET aHEAD Writeup

  1. Pingback: picoCTF Writeups – DMFR SECURITY

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s