Tags: web warmup
Rating:
# Charlotte's Web - Beginner (50 pts)
## Description
> Welcome to the web!
>
> https://charlotte-tlejfksioa-ul.a.run.app/
## Ideas and observations
1. a website with just a button, clicking on which shows an unhelpful alert()
2. there's an HTML comment ``
## Notes
1. `/src` has the Flask source for the challenge, a simple app with 3 routes:
1. `/` that displays the aforementioned web page
2. `/src` that returns the contents of `app.py`
3. `/super-secret-route-nobody-will-guess` that's only defined for the PUT method that returns the contents of a file called `flag`
## Solution
Commanding `curl -X PUT https://charlotte-tlejfksioa-ul.a.run.app/super-secret-route-nobody-will-guess` will get us the flag:
`wctf{y0u_h4v3_b33n_my_fr13nd___th4t_1n_1t53lf_1s_4_tr3m3nd0u5_th1ng}`
