n00bz Level 4

Hacking for n00bz – Level 4

For a bounty of $40, level 4 shows a very cute cookie monster image with the text “HTTP means Hypertext Transfer Protocol”.

When hovering your mouse over the image, it gives a pop-up text saying “stop poking me”. Now, that is quite a hint. The pop-up message is trying to tell us that there is nothing with the image, to obtain the flag, we should focus on HTTP’s element itself.

n00bz Level 4

So, who is in the image? Cookie monster? Let’s look at the list of cookies on the page… bingo! There is a suspicious looking cookie, called fusrodah.

People who have played the game “Elder Scrolls V: Skyrim” would know what it is. “Fus Ro Dah” is one of the shouts (it’s like the spells/magic in other games) that can be performed in the game, it basically sends out a shockwave to its target to push them back or make them fall. It have since become an internet meme.

n00bz Level 4

At this point, logically speaking, we have to do some trial and error to see what does “vasbfrp_syntvf_jrybirpbbxvrf” means. However, since the string of text only contains alphabets, it is probably not encoded using an advanced method.

After performing a very simple ROT13 decryption using the ROT13 tool, there we go “infosec_flagis_welovecookies”.

Back to write-up list for InfoSec Institute CTF #1: Hacking for n00bz