**Write up for yawn1**

-----

##### Feel free to hit me up at discord AmunRha#3245

-----

> Learn a new thing from every challenge!

-----

## Analysis

The foothold for this can be found from reviewing the respose using burp,dev tools.
The response contained a header called "Trailer: Flag".
Google that and researching further lands us with a solution.

> Read this to know about Trailer header
> [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Trailer](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Trailer)

> Read this to know about about TE [Transfer-Encoding Header]
> [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/TE](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/TE)

-----

## Solve

So, reading the above two links, we come to know that the TE header must be included with the requesst sent in order to accept the Trailer header.
We add the following header in our request to include the Trailer header in our response,

`TE: trailers`

Sending the required request through burp or dev tools doesnt lead any output, so I tried using `curl` with the command,

```
curl --http1.1 -i -s -k -X $'GET' -H $'Host: okboomer.tasteless.eu:10401' -H $'TE: trailers' -H $'Connection: close' $'https://okboomer.tasteless.eu:10401/'
```

This lead us to the output with the flag in the reponse,

### Flag - tstlss{always keep looking}

P.S. Discussing with the author after solving the challenge, I came to know that the Trailing chunks, which is specified by the Trialer header is apparantly stripped of by burp and dev tools, but this didnt happen with curl, thus the reason why curl showed the response in full.