Xiomara CTF 2017 - No Flags? - 50 | Ph03nix Team

Ph03nix Team

H4ck f0r fun

Home About Us
Xiomara CTF 2017 - No Flags? - 50
Hank

Challenge:

What would you do if we tell you there are no flags for this question? Go on, solve it. That reminds me, Nothing is impossible.
http://139.59.61.220:23467/


Nothing on here, let’s take a quick look at “robots.txt”:

User-agent:*
Disallow: /flags/
Disallow: /more_flags/
Disallow: /more_and_more_flags/
Disallow: /no_flag/  


When looking at the last one, we can see an interesting contrast to the other ones. We see weird characters, which are encoded by the following function:

function encode(str){
 str = str.replace(/http:/g, "^^^");
 str = str.replace(/bin/g, "*^$#!")
 str= str.replace(/com/g, "*%=_()");
 str= str.replace(/paste/g, "~~@;;");
} 


After decoding the string, we get http://pastebin.com/SwzEKazp. Hoping to find the flag there I directly jumped to the link but only faced disappointment, as I saw the text, that the page was removed. I googled a bit and came to the idea to use the wayback machine, which was the correct answer. Searching the history revealed a snapshot with a base64 encoded string.

Decode and finish: xiomara{1_4m_mr_r0b07}