picoCTF - GET aHEAD
Description of CTF GET aHEAD from picoCTF
Find the flag being held on this server to get ahead of the competition http://mercury.picoctf.net:47967/
Visiting the website provided in the description, we are presented with two buttons. Each button sends a request that changes the website's background to its respective color. The red button sends a GET request, while the blue button sends a POST request. The challenge title, “GET aHEAD,” hints at the HEAD request method, a less commonly used HTTP request method that asks the server for the response headers only, without a body.

Using Burp Suite, we can enable intercept and click on the blue button to intercept the GET request. Change the request method from GET to HEAD and forward the request, and we are met with the flag in the response:
picoCTF{r3j3ct_th3_du4l1ty_cca66bd3}
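The defender-side check for this class of bug, as an added example that is not part of the original write-up or the challenge's own code: send every HTTP method to your own server and flag any method whose response carries headers the GET response does not. `ColorHandler`, the `X-Secret` header name and the secret value are constructed stand-ins, and the server runs on localhost only.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

SECRET = "constructed-secret-value"  # constructed sample, not the challenge flag
class ColorHandler(BaseHTTPRequestHandler):
    """Hypothetical server: GET and POST share a code path, HEAD has its own."""
    def _page(self, colour):
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.end_headers()
        self.wfile.write(f"<body style='background:{colour}'></body>".encode())

    def do_GET(self):
        self._page("red")

    def do_POST(self):
        self._page("blue")
    def do_HEAD(self):  # separate handler returning a header GET never sends
        self.send_response(200)
        self.send_header("X-Secret", SECRET)  # assumed header name
        self.end_headers()

def audit_methods(host, port, methods=("GET", "POST", "HEAD", "OPTIONS")):
    """Send each method to / and return {method: (status, header-name set)}."""
    results = {}
    for method in methods:
        conn = http.client.HTTPConnection(host, port, timeout=5)
        conn.request(method, "/")
        resp = conn.getresponse()
        resp.read()
        results[method] = (resp.status, {k.lower() for k, _ in resp.getheaders()})
        conn.close()
    return results

def unexpected_headers(results, baseline="GET"):
    """Headers an accepted method returns that the baseline method does not."""
    base = results[baseline][1]
    return {m: sorted(h - base) for m, (s, h) in results.items() if s < 400 and h - base}

def run_demo():
    with HTTPServer(("127.0.0.1", 0), ColorHandler) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            return unexpected_headers(audit_methods("127.0.0.1", server.server_port))
        finally:
            server.shutdown()

if __name__ == "__main__":
    print(run_demo())
```

On a server that follows the HTTP semantics, HEAD returns the same headers as GET, so the audit result is empty; the usual fix is to route HEAD through the GET handler and suppress only the body.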
This post is licensed under CC BY 4.0 by the author.