+ | hidden done

hidden/README.md

@@ -0,0 +1,14 @@
+# Finding the Hidden Flag
+
+## How We Found It
+First we went throught basic analysis of the website and thought of `.robots.txt`.
+
+`Dissallow: /.hidden`
+
+We wrote a script that crawled through the website’s `.hidden` directory. It checked every subdirectory and looked for each README file, examining the byte of its content. When that byte deviated from the expected pattern, we knew we’d found the flag!
+
+## Utility of It
+For this project, there wasn’t any real-world utility, it was just a roleplay exercise for school to learn about web crawling and threading.
+
+## How Can We Patch It
+The easiest fix is to restrict public access to sensitive files. Don’t place secret files in directories that are directly accessible from the web.

hidden_robot/README.md

@@ -1,18 +0,0 @@
-# Finding the Hidden Flag
-
-This is a quick rundown of our school project where we hacked a website (in a controlled lab environment) to find a hidden flag.
-
-## What We Did
-
-- **Starting Point:**  
-  We began at the `.hidden` directory, which was kept out of search engines by the `robots.txt` file.
-
-- **How It Worked:**  
-  We built a script that went through each subdirectory looking for a README file. It checked the last byte of the file to spot any unusual values. If the byte didn't match the normal pattern, we knew we had found the flag.
-
-- **Speeding Things Up:**  
-  We used multi-threading so that multiple pages could be checked at once, which made the process much faster.
-
-## Takeaway
-
-This project taught us how to combine directory traversal with threading and basic HTML parsing to uncover hidden information. Check out the repo for the full code!