Tags: subdomain misc web
Rating:
### Forgotten Name (web/misc, 160 solves, 72 points)
> We forgot what our secret domain name was... We remember that it starts with `6a..`. Can you help me recover it?
>
> *Hint: the domain name is not bruteforcable*
#### The solution
It was marked as an `easy` challenge and was mostly about asset discovery.
From the description we can read that the goal is to find a "forgotten" domain name that the challenge could run on. In all other challenges from this and last year one could notice that they are hosted on `*.*.jctf.pro` if they need access to the outside world. Searching on https://crt.sh/?q=jctf.pro we can notice there is indeed a domain called `6a7573744354467b633372545f6c34616b735f6f3070737d.web.jctf.pro` *(this probably could be also done with various available domain discovery tools)*. When we visit the page under that domain we see a simple html page:
```
OH! You found it! Thank you <3
```
Nothing more. The domain name is written in hex, after decoding the hex part we get the flag.
```python
In [1]: '6a7573744354467b633372545f6c34616b735f6f3070737d'.decode('hex')
Out[1]: 'justCTF{c3rT_l4aks_o0ps}'
```
