Bookmarklet

PicoCTF

Author: Jeffery John

Description

Why search for the flag when I can make a bookmarklet to print it for me?

Additional details will be available after launching your challenge instance.

Browse here, and find the flag!

Hint 1

A bookmarklet is a bookmark that runs JavaScript instead of loading a webpage.

Hint 2

What happens when you click a bookmarklet?

Hint 3

Web browsers have other ways to run JavaScript too.

---

Upon opening the page im presented with:

hmm within the middle box I have this:

The encrypted flag is what we are after but looks encrypted so we need to figure out how to decode this.

Bookmarklets are usually small snippets of JavaScript executed when user clicks on them. When clicked, bookmarklets can perform a wide variety of operations, such as running a search query from selected text or extracting data from a table.

When inspecting the element it takes me to this line and expanding it out it highlights this line of code:

what I think this means is that when the javascript is put in it should be the flag.

to run the code we found before we should be able to get the flag.

Flag found