NeverLAN CTF 2019


Solution author: Lucian Nitescu, as part of the jmp 0xc0ffee team.


The challenge started with the following simple "console" page:

As a first step, I decided to take a look at the source code of the web page (view-source:).

As you can see, we have two different JavaScript functions: the what() function, which handles the password confirmation, and the getThat(strg) function, which handles the redirect to our "authenticated" page. Both run in the browser, so the password check can simply be skipped. In this case, we have two different approaches:

  • We directly access the 1/key.php page
  • We call the getThat(strg) function with the value 'Y'

Here is how I obtained the flag for this challenge:

The flag is: flag{console_controls_js}
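
The pattern described above, as an added example (not the challenge's source, which is not reproduced on this page): the bodies of what() and getThat(strg), the password, and the server-side helpers login() and serveKeyPage() are assumptions. It puts the client-side check beside a server-side check that neither calling getThat('Y') nor requesting the URL directly can skip.

```javascript
// Added example. All bodies, names and secrets here are constructed.
const nodeCrypto = require('node:crypto');

// --- Client-side shape (weak): the browser decides who is "authenticated" ---
// Assumed body: the real function redirects; here it returns the target URL.
function getThat(strg) {
  return strg === 'Y' ? '1/key.php' : null;
}
// Assumed body: the password sits in the page source and the result is only
// a call to getThat(), which anyone can make from the console.
function what(input) {
  return getThat(input === 'constructed-password' ? 'Y' : 'N');
}

// --- Server-side shape (hardened): the server verifies and gates the page ---
const SALT = nodeCrypto.randomBytes(16);
// Only a salted scrypt hash is stored, never the password itself.
const STORED = nodeCrypto.scryptSync('constructed-password', SALT, 32);
const sessions = new Set(); // tokens the server has issued

function login(password) {
  const given = nodeCrypto.scryptSync(String(password), SALT, 32);
  // Constant-time comparison of two equal-length buffers.
  if (!nodeCrypto.timingSafeEqual(given, STORED)) return null;
  const token = nodeCrypto.randomBytes(32).toString('hex');
  sessions.add(token);
  return token;
}

// The protected page is served only for a session the server created,
// so knowing the URL or the 'Y' value gives nothing.
function serveKeyPage(sessionToken) {
  if (!sessions.has(sessionToken)) {
    return { status: 403, body: 'Forbidden' };
  }
  return { status: 200, body: 'protected content' };
}
```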