tom/darkly
1
0
Fork 0
mirror of https://github.com/tmoron/darkly.git synced 2025-09-27 12:48:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d617047925e9878a104620a20204effb0dc5147a
darkly/hidden/README.md
RedShip 6d60ef316c + | hidden done
2025-04-08 16:24:20 +02:00

15 lines
744 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Finding the Hidden Flag
## How We Found It
First we went throught basic analysis of the website and thought of `.robots.txt`.
`Dissallow: /.hidden`
We wrote a script that crawled through the websites `.hidden` directory. It checked every subdirectory and looked for each README file, examining the byte of its content. When that byte deviated from the expected pattern, we knew wed found the flag!
## Utility of It
For this project, there wasnt any real-world utility, it was just a roleplay exercise for school to learn about web crawling and threading.
## How Can We Patch It
The easiest fix is to restrict public access to sensitive files. Dont place secret files in directories that are directly accessible from the web.
Reference in New Issue View Git Blame Copy Permalink