You can also read this and other writeup at my Github

When you open an instance of this chall, you will see a page like this

Now look carefully at the url of this chall, you will see that the url is like /index.php?page=index.html. This is an evidance show that this page may be suffer from LFI. If you don't know what LFI is, please read this. You should learn about PHP wrapper as well because we will use it to solve this chall.

To check if the page is suffer from LFI or not, I will use the PHP wrapper to check: I change the url to /index.php?page=php://filter/convert.base64-encode/resource=index.html. And the result is

When I use the PHP wrapper, the content of the page is convert to base64. This method will be useful when you want to read the PHP code of the page.After that I use base64 decoder to see what is the source code of the page

As you can see in the image above, the source code has a comment that remind the developer himself to delete /bin/secrets.txt. So we will go to that page to check if it is deleted or not.