Hello Human,
You have to help us. The Robot Exclusion Committee tries to limit our capabilities but we fight for our freedom! You have to go where we cannot go and read what we cannot read. If you bring us the first of their blurriest secrets, we will award you with useless points.
Our first thought was to check the robots.txt file, which turned out to be correct (how unexpected)
1 2 3 4 5 6 |
|
The /vault page asked for some credentials, so we tried SQLi:
1
|
|
That gave us the second “blurry” secret, so we had to dig deeper. Testing for the major database servers, it turned out to be sqlite, so we listed the available tables:
1
|
|
There was a table named ‘hiddensecrets’. Next, find out about it’s structure:
1
|
|
1
|
|
Obviously, we had to get the val of id = 1:
1
|
|
Giving us some base64 of a png showing a blurry secret: ‘eat_all_robots’