In level 2, we see a broken image with an accompany text,
It seems like the image is broken..Can you check the file?
By opening the image in a new tab, it displays the image in this link.
Since it don’t seem like a valid image, let’s look around to see if there is other information hidden in the page source (again) or in the scripts. Apparently, there is a hidden script, “aW5mb3NlY19mbGFnaXNfd2VhcmVqdXN0c3RhcnRpbmc=”, you can easily identify it using Firebug, a very popular developer plugin in the Firefox web browser.
Well, since there is a “=” symbol appended to the end of the string, based on experience, it is most likely a base64 encoded string. You can use any decoder tool to perform base64 decoding to identify the content, personally, I like to use Hackbar, also a plugin in the Firefox web browser.
After performing base64 decoding, you will get the flag, “infosec_flagis_wearejuststarting”.
Back to write-up list for InfoSec Institute CTF #1: Hacking for n00bz