Level 12

Url: http://ctf.infosecinstitute.com/leveltwelve.php
Description: Dig deeper!
Bounty: $120

Solution:
The contain url is the same as levelone.php, first I look in the leveltwelve.php source code, it seem normal then I compare the levelone.php source code and levelfour.php source code. I noticed that is a different in the 10th, 11th lines. The different is in leveltwelve.php there is css/design.css.

level12a

levelone.php source code

level12b

leveltwelve.php source code

After open the design.css it contain

.thisloveis{
	color: #696e666f7365635f666c616769735f686579696d6e6f7461636f6c6f72;
}

Seem like hex (string after the color:), decode it into ascii, then I got the flag

The flag is: infosec_flagis_heyimnotacolor

Reference and Tools:
1. Browser (google chrome, mozilla firefox, opera, etc)
2. Multi online decoder (hex, ascii, binary, base64) – https://paulschou.com/tools/xlate/

0 comments