2024 LACTF - terms-and-conditions

February 18, 2024 less than 1 minute read

Overview

771 solves / 106 points
author: aplet123

Description

Welcome to LA CTF 2024! All you have to do is accept the terms and conditions and you get a flag!

terms-and-conditions.chall.lac.tf

Attached

term-and-conditions.html

Analyzation

Let’s visit the site

visit site

The button, for sure, cannot be clicked by mouse. It must be “clicked” by console.

But when the console is opened, the site becomes blank and…

NO CONSOLE ALLOWED

Look in the source code to find the reason why

let width = window.innerWidth;
let height = window.innerHeight;
setInterval(function() {
    if (window.innerHeight !== height || window.innerWidth !== width) {
        document.body.innerHTML = "<div><h1>NO CONSOLE ALLOWED</h1></div>";
        height = window.innerHeight;
        width = window.innerWidth;
    }
}, 10);

Solution

It only does that if the dimensions of the window changes after it loads.

So let’s just leave the console there and refresh, and the console is on.

refresh the site

Then run the js command

document.getElementById("accept").click()

flag

The flag is

lactf{that_button_was_definitely_not_one_of_the_terms}

Share on

Twitter Facebook LinkedIn

encuetee

2024 LACTF - terms-and-conditions

Overview

Description

Attached

Analyzation

Solution

Share on

You may also enjoy

2024 BlackHat MEA CTF Qualification - watermelon

2024 BlackHat MEA CTF Qualification - free flag

2024 LACTF - penguin-login

2024 LACTF - mixed signals