<- WEB

Don't Bump Your Head(er)

1 minute to read

We are given a URL to interact with. Let’s use curl:

$ curl 165.227.106.113/header.php
Sorry, it seems as if your user agent is not correct, in order to access this website. The one you supplied is: curl/7.81.0  
<!-- Sup3rS3cr3tAg3nt  -->

It seems that we need to use a specific user agent (maybe Sup3rS3cr3tAg3nt works):

$ curl 165.227.106.113/header.php -H 'User-Agent: Sup3rS3cr3tAg3nt'
Sorry, it seems as if you did not just come from the site, "awesomesauce.com".  
<!-- Sup3rS3cr3tAg3nt  -->

And now we need to tell the website that the request comes from awesomesauce.com. This is the referer, so let’s add it and get the flag:

$ curl 165.227.106.113/header.php -H 'User-Agent: Sup3rS3cr3tAg3nt' -H 'Referer: awesomesauce.com'  
Here is your flag: CTFlearn{did_this_m3ss_with_y0ur_h34d}
<!-- Sup3rS3cr3tAg3nt  -->