CTFtime.org / CyberYoddha CTF 2020 / Disallow / Writeup

Tags: web-exploitation

Rating:

#### Original Writeup - [https://github.com/CTSecUK/CyberYoddha-CTF-2020/blob/main/Write-ups/Disallow.md](https://github.com/CTSecUK/CyberYoddha-CTF-2020/blob/main/Write-ups/Disallow.md)

-----
# Disallow

![Category](http://img.shields.io/badge/Category-Web%20Exploitation-orange?style=for-the-badge) ![Points](http://img.shields.io/badge/Points-100-brightgreen?style=for-the-badge)

## Details

![Details](https://github.com/CTSecUK/CyberYoddha-CTF-2020/raw/main/images/disallow_details.png)\
\
I navigated to the URL provided and had a look around "https://crawlies.cyberyoddha.team"\
\
![Image](https://github.com/CTSecUK/CyberYoddha-CTF-2020/raw/main/images/disallow_index_page.png)\
\
Reading the page and looking at what the challenge is called "Disallow" i started by navigating to robots.txt\
\
![Image](https://github.com/CTSecUK/CyberYoddha-CTF-2020/raw/main/images/disallow_index_robots.png)\
\
Sure enough i found something in robots.txt I then navigated to the Disallowed location to see what was there.\
\
![Image](https://github.com/CTSecUK/CyberYoddha-CTF-2020/raw/main/images/disallow_index_flag.png)\
\
Looks like we have the flag: ***CYCTF{d33r0b0t$_r_sUp3r10r}***

Original writeup (https://github.com/CTSecUK/).