🌐 Roboto Sans

A detailed write-up of the Web challenge 'Roboto Sans' from PicoCTF - 2022

mH4ck3r0n3 Ethical Hacking/CTFs/Jeopardy/PicoGym/PicoCTF-2022/Web

01/03/2025 365 words 2 minutes

Contents

/images/PicoGym/PicoCTF-2022/RobotoSans/challenge_presentation.png — Challenge Presentation

📊 Challenge Overview

Category Details Additional Info

🏆 Event PicoGym Event Link

🔰 Category Web 🌐

💎 Points Out of 500 total

⭐ Difficulty 🟡 Medium Personal Rating: 0/10

👤 Author Mubarak Mikail Profile

🎮 Solves (At the time of flag submission) 21.132 solve rate

📅 Date 12-02-2025 PicoGym

🦾 Solved By mH4ck3r0n3 Team:

Category	Details	Additional Info
🏆 Event	PicoGym	Event Link
🔰 Category	Web	🌐
💎 Points		Out of 500 total
⭐ Difficulty	🟡 Medium	Personal Rating: 0/10
👤 Author	Mubarak Mikail	Profile
🎮 Solves (At the time of flag submission)	21.132	solve rate
📅 Date	12-02-2025	PicoGym
🦾 Solved By	mH4ck3r0n3	Team:

📝 Challenge Information

The flag is somewhere on this web application not necessarily on the website. Find it.

🎯 Challenge Files & Infrastructure

Provided Files

1

Files: None

🔍 Initial Analysis

First Steps

Initially, the website appears as follows:

Site Presentation

The first thing I did was not inspect the page source this time, but I directly checked /robots.txt given the challenge title *Roboto* Sans:

Robots

It appears to be a site built with WordPress due to the Disallow: /wp-admin/, where /wp-admin/ is the default route to access the WordPress admin panel. There’s also a suspicious base64 encoding, let’s proceed with the exploitation.

🎯 Solution Path

Exploitation Steps

Initial setup

The first thing I did was decode those two base64 strings:
1
echo;echo anMvbXlmaWxlLnR4dA== | base64 -d  
Base64 Decode

I directly used the second one, as the first one doesn’t seem to be a valid base64 string.

Exploitation

By trying to visit the route /js/myfile.txt (suggested by the decoded base64), I found the flag.

Flag capture

Manual Flag

🛠️ Exploitation Process

Approach

The automatic exploit simply makes a GET request to js/myfile.txt and extracts the flag from the response, printing it.

Exploit

🚩 Flag Capture

Flag

Proof of Execution

Automated Flag

Screenshot of successful exploitation

🔧 Tools Used

Tool Purpose

Python Exploit

Base64 Base64 Decoding

Tool	Purpose
Python	Exploit
Base64	Base64 Decoding

💡 Key Learnings

Time Optimization

In challenges where the word Robot or robot.txt appears in the description or title, the first thing to do is to go directly to the /robot.txt route.

Skills Improved

Binary Exploitation

Reverse Engineering

Web Exploitation

Cryptography

Forensics

OSINT

Miscellaneous

📚 References & Resources

Learning Resources

https://en.wikipedia.org/wiki/Robots.txt

https://en.wikipedia.org/wiki/Base64

📊 Final Statistics

Metric	Value	Notes
Time to Solve	00:00	From start to flag
Global Ranking (At the time of flag submission)		Challenge ranking
Points Earned		Team contribution

Created: 12-02-2025 • Last Modified: 12-02-2025 *Author: mH4ck3r0n3 • Team: *