---
# System prepended metadata

title: Crack the Gate 1 - Writeups

---

# Pico_Crack the Gate 1 - Writeups

:::info
:bulb: Hint1: Developers sometimes leave notes in the code (Check code); but not always in plain text.  
:bulb: Hint2: A common trick is to **rotate each letter by 13** (ROT13) positions in the alphabet.
:::

## 🎉 Welcome

:::info
Join with host http://amiable-citadel.picoctf.net:52137/
:::

## 👣 Step 1

:::success
Check the source code, we see a weird notes. Suspect that, this is a hint.
:::
![image](https://hackmd.io/_uploads/Hyb54VRAle.png)




## 👣 Step 2

:::success
After that, we try to decrypt this encrypted code by ROT13 reminded by Hint2. 
Use https://gchq.github.io/CyberChef/ a powerful decrypt tool
:::
![image](https://hackmd.io/_uploads/S1lh94E0Cll.png)

NOTE: Jack - temporary bypass: use header "X-Dev-Access: yes"

➡️ We received a message from developer that we can bypass by use Header


## 👣 Step 3

:::success
Try to login with email already given  
`email: ctf-player@picoctf.org`  
`password: X-Dev-Access`
:::
![image](https://hackmd.io/_uploads/HyV8aNC0xg.png)


➡️ We got nothing



:::success
Try to check with network traffic in Inspect
:::
![image](https://hackmd.io/_uploads/HylvTVACeg.png)


- We see at POST that login is blocked

![image](https://hackmd.io/_uploads/HJtwTN0Axe.png)

- Try to resend a new request in Headers

![image](https://hackmd.io/_uploads/BJ4yA4AAge.png)

:::success
Bypass successfull
:::
![image](https://hackmd.io/_uploads/BkJgCE0Clg.png)

- Check in Response we got a Flag

![image](https://hackmd.io/_uploads/HJqgAEA0eg.png)

:::danger
Flag: picoCTF{brut4_f0rc4_0d39383f}
:::