
PicoCTF 2023: FINDME

The Page Redirections challenge involved navigating a web application's login page and leveraging URL manipulations and Base64 decoding to uncover the hidden flag.


Step-by-Step Walkthrough


1. Logging In

The first step was to log in to the website using the provided credentials:

  • Username: test

  • Password: test!

Upon successful login, the URL changed, indicating a page redirection.


2. Analyzing the URL

After logging in, the URL changed to:




The presence of == at the end of the parameter value suggested that it was Base64 encoded. To investigate further, I hit the back button in the browser and found another URL:




3. Combining the Encoded Strings

The two discovered URLs provided partial Base64 encoded strings:

  • First part: cGljb0NURntwcm94aWVzX2Fs

  • Second part: bF90aGVfd2F5XzNkOWUzNjk3fQ==

Combining these parts yielded the full Base64 encoded string:

cGljb0NURntwcm94aWVzX2FsbF90aGVfd2F5XzNkOWUzNjk3fQ==


4. Decoding the Base64 String

Using CyberChef, I combined and decoded the Base64 string to get the flag:

picoCTF{proxies_all_the_way_3d9e3697}
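
Added example (not part of the original write-up): steps 3 and 4 done in Python instead of CyberChef, pulling the Base64 values out of a redirect chain, joining them in visit order and decoding once. The host, paths and parameter name in the URLs are constructed placeholders, since only the two Base64 values appear above; the function names are this example's own.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed redirect chain, in the order the values are joined. Host, paths and
# parameter name are placeholders; only the two values come from the write-up.
REDIRECT_CHAIN = [
    "http://challenge.example/hop-a?param=cGljb0NURntwcm94aWVzX2Fs",
    "http://challenge.example/hop-b?param=bF90aGVfd2F5XzNkOWUzNjk3fQ==",
]

# Standard Base64 alphabet, at least 8 characters, optional trailing padding.
B64_RE = re.compile(r"[A-Za-z0-9+/]{8,}={0,2}")


def base64_fragments(urls):
    """Return query-parameter values that look like Base64, in list order."""
    found = []
    for url in urls:
        for _name, value in parse_qsl(urlsplit(url).query):
            # parse_qsl turns '+' into a space; restore it before matching.
            value = value.replace(" ", "+")
            if B64_RE.fullmatch(value):
                found.append(value)
    return found


def decode_joined(fragments):
    """Join fragments, then decode once with strict alphabet and padding checks."""
    joined = "".join(fragments)
    # '=' may only appear at the very end; anywhere else means a bad join order.
    if "=" in joined.rstrip("="):
        raise ValueError("padding inside the joined string: wrong fragment order?")
    try:
        return base64.b64decode(joined, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError(f"not a clean Base64 text value: {exc}") from exc


if __name__ == "__main__":
    parts = base64_fragments(REDIRECT_CHAIN)
    print(parts)
    print(decode_joined(parts))
```

Base64 is an encoding, not a protection: anything placed in a redirect URL this way is readable by whoever can see the browser history, proxy logs or Referer headers.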





© 2025 by c@rtm@n
