HackTheBox Challenge Flag Command (Web)

Challenge Synopsis

Embark on the “Dimensional Escape Quest” where you wake up in a mysterious forest maze that’s not quite of this world. Navigate singing squirrels, mischievous nymphs, and grumpy wizards in a whimsical labyrinth that may lead to otherworldly surprises. Will you conquer the enchanted maze or find yourself lost in a different dimension of magical challenges? The journey unfolds in this mystical escape! (Source)

Enumeration

Here is the webpage. It is a browser game where we can type some commands.

If we take a look at the developer’s tab, we can observe that there is an interesting options endpoint with a secret value hidden.

Exploitation

Lets use the secret value in the game!

>> start

YOU WAKE UP IN A FOREST.

You have 4 options!

HEAD NORTH

HEAD SOUTH

HEAD EAST

HEAD WEST

>> Blip-blop, in a pickle with a hiccup! Shmiggity-shmack

HTB{D3v3l0p3r_t00l5_4r3_b35t__t0015_wh4t_d0_y0u_Th1nk??}

Flag: HTB{D3v3l0p3r_t00l5_4r3_b35t__t0015_wh4t_d0_y0u_Th1nk??}