Tags: subdomain misc web 


### Forgotten Name (web/misc, 160 solves, 72 points)
> We forgot what our secret domain name was... We remember that it starts with `6a..`. Can you help me recover it?
> *Hint: the domain name is not bruteforcable*

#### The solution
It was marked as an `easy` challenge and was mostly about asset discovery.

From the description we can read that the goal is to find a "forgotten" domain name that the challenge could run on. In all other challenges from this and last year one could notice that they are hosted on `*.*.jctf.pro` if they need access to the outside world. Searching on https://crt.sh/?q=jctf.pro we can notice there is indeed a domain called `6a7573744354467b633372545f6c34616b735f6f3070737d.web.jctf.pro` *(this probably could be also done with various available domain discovery tools)*. When we visit the page under that domain we see a simple html page:

OH! You found it! Thank you <3

Nothing more. The domain name is written in hex, after decoding the hex part we get the flag.

In [1]: '6a7573744354467b633372545f6c34616b735f6f3070737d'.decode('hex')
Out[1]: 'justCTF{c3rT_l4aks_o0ps}'

Original writeup (https://hackmd.io/@terjanq/justCTF2020-writeups#Forgotten-Name-webmisc-160-solves-72-points).