 What's up, everybody? This is another video right up for the challenge programmable hyperlink pasta for 60 points in the web category of TJ CTF recent capture the flag competition. So the challenge prompt here is check out my new site PHP is so cool. And we get a link just here that we can go ahead and check out, open up in a new tab. And we have this site here, Neil site. I'm Neil, this is my site, I work here, blah, blah, blah. Let's check out the HTML source because that's all that we care about some CSS of the top the content here. There is an HTML comments here with an ah ref tag or a link to flag dot text, which says here's a flag. Okay. So if we tried to go visit that file, we paste it in the URL. Unfortunately, it is forbidden. We do not have access to that file on the server. But the source code, there's a little bit more there at the very bottom. There's a footer that we saw. And it says now in Spanish or it's available in other languages. So it looks like it gets that functionality accomplished by trying to load an HTTP like get variable determining Lang with a specific file name. In this case, es dot PHP, you're probably like a spaniel or something. So if we are actually checking that out, it loads it okay in a spaniel. But it's just loading another file, right? At least maybe it's including that. And that's how it's viewing the webpage. Like if we were to try and go to index dot PHP, or I guess en dot PHP, I don't know, maybe it's nothing, maybe nothing's received there. But there's potential that we could locate other things, right? If we were to use the period period period, just using the dot syntax to move up the file system, go explore other things in this server, could we reach etc password, a file that we know is there, and looks like we do the very background and HTML source, we can see we've successfully leaked that file. And we have local file inclusion on this website. So let's climb up all the way to the root directory. Let's actually check out the like web route that we're used to for Apache, because we can assume that that's probably what we're looking for if we're looking at PHP. So var www.html, let's try and load flag dot text. And we've got it. All right, TJ CTF, local file inclusion and local file, what? So let's go ahead and write a simple get flag script for that. We can just curl that location. Go ahead and greptack oe, steal our TJ CTF, regular expressions for everything and color equals none. So we've got it just like that. Save this as our get flag script, bin bash our typical shebang line. paste that in chmod plus x get flag run it. And we can redirect that to a static file to save it for later. Move this challenge, mark it as complete. And just like that, we are done another simple web challenge on TJ CTF. 60 points. That's kind of crazy. Alright, hey, I want to give a special shout out to the people that support me on Patreon. You guys are the best. I cannot thank you enough. That's why I do this $1 a month or more on Patreon will give you a special shout out just like this at the end of every video $5 and more will give you early access to everything that I release on YouTube before it goes live. If you did like this video, other CTF video write ups or programming tutorials stuff that I do, please do like comment and subscribe. It really helps me out. If you'd like to join this community, we have a discord server link is in the description. If you want to hang out with their CTF players, programmers and hackers and get together for another upcoming game. That is a place to do it. Hey, I would love to see your support on Patreon and I would love to see you in the next video. Thanks guys. See you soon.