View the exercise here: PentesterLab: Recon 24arrow-up-right
For this challenge, your goal is to look at the server used to load assets (JavaScript, CSS) and find a file named key.txt.
It's essential to look for files that may be publicly available on the servers used to load assets.
View Page Source of hackycorp.com
View Page Source
hackycorp.com
Click //assets.hackycorp.com/vendor…
//assets.hackycorp.com/vendor…
Remove view-source: prefix of the URL
view-source:
From the objectives, it says that the file name is key.txt
key.txt
Append /key.txt in the URL to see the flag
/key.txt
Last updated 1 year ago
