There are no clues in the source code or anywhere on this page. If you’re discouraged enough to log out, you might decide to look at the source for the login page…
That’s odd. Near the bottom, we see a reference to “http://braaaains.hack.lu/bloody.js”. If we do an nslookup on braaaains.hack.lu, it shows that it only has an ipv6 address:
2002:95:d:21:4a:0:0:1
This address…doesn’t actually work. Through some google-fu, we learn that ipv6 addresses starting with 2002 are “6to4” relay addresses, used to identify ipv4 addresses in the ipv6 universe.
2002:95:d:21:4a:0:0:1
These hex values translate to 149.13.33.74. Entering that address into the browser gives us the login screen for the CTF. So, we need to make sure our request is coming from the “braaaains.hack.lu” subdomain, and try to get the bloody.js page…
There’s the key! IcanSmellBigBrainsARRRRR
Credits: Alex Lynch, Jonathan Singer