Rating: 2.0

Problem:

RFC 7230
(web, 50 points)

"Get just basic information from this server (ctf.ekoparty.org)"

Solution:

RFC 7230 is an immediate hint as it refers to the HTTP protocol, so this challenge is definitely something to do with HTTP headers. There are quite a few HTTP methods though, such as the common "GET", "POST", and "HEAD". My immediate thought was the HEAD method, however this lead nowhere. There is however one that I hadn't considered for a while that was a bit obscure, which was the "OPTIONS" header. Sending an OPTIONS header request to the server via curl, we can see our flag in the response.

curl -i -X OPTIONS http://ctf.ekoparty.org/

HTTP/1.1 301 Moved Permanently
Server: EKO{this_is_my_great_server}
Date: Fri, 28 Oct 2016 03:44:02 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://ctf.ekoparty.org/

Flag: EKO{this_is_my_great_server}

Original writeup (http://specterdev.blogspot.ca/2016/10/write-up-ekoparty-2016-ctf-web-25-50.html).