RITSEC CTF 2019 Writeups - misdirection 100 points

 

Challenge: misdirection - web 

Scope: http://ctfchallenges.ritsec.club:5000/

Solution:

I went to http://ctfchallenges.ritsec.club:5000 and there were multiple redirects.
  1. I inspected the URL in Burp - Proxy - HTTP History, which gave me the following output: 
  2. I knew the flag was in the URL column, as I could see /R, /S, one after another attached in the URL, and the hint for the flag was RS{}. I tried several combinations of the above output, but they did not work. I am amazed that my inspection did not work like in other write-ups, but this is what I got, and I tried several combinations. Still, it did not work :( 
  3. So I decided to inspect every URL's response. Finally, I got a hint highlighted as follows:
  4. So I went to the browser and sent a request one more time, attaching /n to the URL as follows: http://ctfchallenges.ritsec.club:5000/n 
  5. This gave me the remaining part of the flag as follows: 
  6. I don't know why I had to do the additional process, but this is how I got the flag. Flag: RS{4!way5_Ke3p-m0v1ng}

Your comments are much appreciated. I am a newbie in this field; please do correct me or help me learn to do it in a better way.
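An added example, not part of the original post: walking a redirect chain one hop at a time, without auto-following, so each path, `Location` header and response body is recorded and the hop where the chain stops can be read for a hint. The local server, its paths and its bodies are constructed stand-ins, not the challenge's real responses.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed chain: every path redirects except /c, whose body names the next hop.
CHAIN = {"/": "/a", "/a": "/b", "/b": "/c", "/d": "/e"}
BODIES = {"/c": b"continue at /d", "/e": b"end of chain"}

class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        if self.path in CHAIN:
            status, location, body = 302, CHAIN[self.path], b""
        else:
            status, location, body = 200, None, BODIES.get(self.path, b"")
        self.send_response(status)
        if location:
            self.send_header("Location", location)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args):  # keep the demo quiet
        pass

def walk(host, port, path="/", max_hops=50):
    """Request one hop at a time; return [(path, status, location, body)]."""
    hops = []
    for _ in range(max_hops):
        conn = http.client.HTTPConnection(host, port, timeout=5)
        conn.request("GET", path)
        resp = conn.getresponse()
        location = resp.getheader("Location")
        body = resp.read().decode(errors="replace")
        conn.close()
        hops.append((path, resp.status, location, body))
        if not (300 <= resp.status < 400 and location):
            break  # chain stopped here: this body is the one to read
        path = location  # assumption: Location holds a relative path
    return hops

def demo():
    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return walk("127.0.0.1", server.server_port), walk("127.0.0.1", server.server_port, "/d")
    finally:
        server.shutdown()

if __name__ == "__main__":
    print(*sum(demo(), []), sep="\n")
```

The first walk ends at the hop that answers without a redirect, and its body is what points to the path used for the second walk.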
