In this post I share how I solved the They Are Coming CTF challenge.
When I accessed the web page, there was a picture of a robot.
Also, I noticed that the question continuously mentions robots. So I checked the robots.txt file first.
And yes, there was something in the text file.
The decryption key is given, which means the flag is probably encrypted.
There is also a Base64-encoded string. I decoded it.
echo L3NlY3JldC1sb2NhdGlvbg== | base64 -d
/secret-location
OK, the decoded content is /secret-location.
It’s definitely inviting me to the secret-location directory.
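The robots.txt check above, generalised into a small scanner (an added example, not part of the original write-up): it pulls Base64-looking tokens out of a robots.txt body and keeps only those that decode to printable ASCII, which is also a quick way to audit your own site's file for encoded paths. The sample file is constructed, its key line is a placeholder, and the function names are hypothetical.

```python
import base64
import binascii
import re

# Constructed sample modelled on the robots.txt described above.
# The key line is a placeholder, not the value from the challenge.
SAMPLE_ROBOTS = """\
User-agent: *
Disallow: /
# Decryption key: <placeholder-key>
L3NlY3JldC1sb2NhdGlvbg==
"""

# A whole run of Base64 alphabet characters (8+), with optional padding.
TOKEN_RE = re.compile(
    r"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{8,}={0,2}(?![A-Za-z0-9+/=])"
)


def decode_candidate(token):
    """Return the decoded text if token is Base64 of printable ASCII, else None."""
    if len(token) % 4 != 0:          # valid padded Base64 is a multiple of 4
        return None
    try:
        raw = base64.b64decode(token, validate=True)
        text = raw.decode("ascii")
    except (binascii.Error, ValueError):
        return None                  # bad alphabet/padding or non-ASCII bytes
    # Ordinary words such as "Disallow" decode to control bytes; drop them.
    return text if text and text.isprintable() else None


def find_encoded_strings(robots_text):
    """Return (line number, token, decoded text) for every plausible hit."""
    findings = []
    for lineno, line in enumerate(robots_text.splitlines(), start=1):
        for match in TOKEN_RE.finditer(line):
            decoded = decode_candidate(match.group())
            if decoded is not None:
                findings.append((lineno, match.group(), decoded))
    return findings


if __name__ == "__main__":
    for lineno, token, decoded in find_encoded_strings(SAMPLE_ROBOTS):
        print(f"line {lineno}: {token} -> {decoded}")
```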
When I visited the page, there was a banner like the one below.
It says Army of 128 Aesthetic blahblah. It looks like the flag is AES-128 encrypted.
OK, I found the decryption key and I know it is AES-128 encrypted. But I couldn’t find the encrypted content in the page.
I ran gobuster but failed to get any meaningful results.
I inspected the web page to discover any useful information.
But then, from the local storage, I found something interesting.
There is the flag, and its value is the encrypted content.
OK, I decrypted it with the key given earlier.
Then, boom! I got the flag!