curl -s "https://booru.allthefallen.more/more?token=boru_block_survive" The server responded with a 200 OK and an HTML page that listed a single hidden image:
# 4️⃣ Pull the hidden image URL hidden=$(grep -oP '(?<=src=")/static/img/[^"]+\.jpg' more.html) booru.allthefallen.more
BASE="https://booru.allthefallen.more"
boru_block_survive That string looked like a plausible token for the hidden endpoint. 3.1 Crafting the request The /more endpoint required the token to be supplied either as a query string ( ?token=… ) or as a cookie. Trying both: curl -s "https://booru
Event: All The Fallen CTF 2023 Category: Web / Steganography / Information Disclosure Difficulty: ★★☆☆☆ (Easy‑Medium) 1. Overview The challenge presents a small web‑application that mimics an image‑board (a “booru”). The public URL was: =src=")/static/img/[^"]+\.jpg' | head -n1)
# 1️⃣ Grab a random thumbnail to extract the token thumb=$(curl -s "$BASE/" | grep -oP '(?<=src=")/static/img/[^"]+\.jpg' | head -n1)