Auditing The Board
Web: Auditing the Board
Challenge Description
There’s something fishy about that list of board members… something’s hiding there… I just know it.
Approach
This challenge starts off with a clue giving us our target webpage: http://leftmanbrothers.ctf.urisc.club/board
Navigating through this webpage there is nothing noteable except some questionable director names. Nothing stands out
We relate back to our clue about “something hiding there”.
From here we can use inspect element to investigate the pages and we can see the first fragment of our flag being
<!-- RISC{ -->
This indicates the start of our flag fragment and we continue finding the following fragments scattered throughout the board of directors
<!-- l00k_m -->
<!-- 0m_1m -->
<!-- _a_r3 -->
<!-- 4l_1 -->
<!-- 337 -->
<!-- _h4ck -->
<!-- 3r_n0 -->
<!-- w!} -->
By piecing these fragments together and trimming out the HTML comment syntax, we reconstruct the complete flag:
RISC{1m_a_r34l_l00k_1337_h4ck3r_n0w!}