Tags: web pwn strings 

Rating:

# Cheeze Solution (I don't think I was supposed to do this)
## Basic Web Scraping
Ok so we pull up the website and see a simple form. The first thing I think of is checking what the form submits to.
```html
<button onclick="onButtonPress()">Submit</button>
```

Ok cool, so its a JS function. Inspect element and view the sources to find an obfuscated JS file. I read the file anyways, and found this:

```js
const _0x402c=['value','2wfTpTR', ..., 'Correct!','check_flag','Incorrect!','./JIFxzHyW8W','23SMpAuA','802698XOMSrr', ...]
```

Freeze frame. The `./` in `./JIFxzHyW8W` indicates that there is a file in this webserver (it might be differently named for you). And that file is important. Navigate to that file: `http://mercury.picoctf.net:<port>/index.html/JIFxzHyW8W`.

## Is this PWN?
It downloads an executable, and that's good. Scrape the executable by running `strings JIFxzHyW8W` in a terminal. The last string I got was `picoCTF{cb688c00b5a2ede7eaedcae883735759}`.

### Afterthoughts
I guess this wasn't just web, but also pwn. Who woulda thunk.