Hard Live

Don't Bump Your Head(er)

70 points

4614 Solves

Web

Hard

intelagent moderator badge ctflearn++ badge

Community Rating: 4.49 / 5

Try to bypass my security measure on this site! http://165.227.106.113/header.php

First 10 Solvers

Rank Username
1 alexkato29
2 emperorlepone
3 javier
4 0xibram
5 drmad

  • A23187

    cURL is a useful tool for you

  • bigcatfacilitator

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Lytes

    This should be classified under Easy

  • C0rpse

    Not sure why this is marked as Hard. Beginner seems more appropriate.

  • noodulz

    https://www.codepunker.com/tools/http-requests

  • someone007

    It was easy -_-, i thought that it's sooo hard, but i like it :)

    • TedZak

      Man, you have just ruined my fun

  • mkay313

    that's a beginner challenge lol

  • Kationa

    Things that can be solved using only a browser can't be 'hard'

  • afskjedi

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • bazio

    burp is best for this challenge so you can also learn burp as well.....

  • anon123

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Shici

    This taught me what a referrer was. Thank you very much

  • pn0w

    Idk why it didn't work with firebug or burp but worked with Postman/cURL

  • AbhiRen

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • curiousnikko

    I solved it easily but not bad I still learned about http request headers :)

  • lucjanex

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Skier

    very easy mark it as medium or easy

  • dark_sarcasm

    Very fun no doubt... but not hard it seams like an easy one

  • Cyb3r_Pho3nix

    It's easy but need linux (: just crul and header is given

  • Kryptos

    mhm..it was easy,and curl actually helped ^^

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

    • 5punnr1ng

      Protected

      [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 5punnr1ng

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • sciking

    Quite nice, but it should be on medium

  • CyberAstronautX

    Awesome!! Learn about http headers. Hint: Can be hacked from browser

  • kousik

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • elTiburoN

    Ok so... I spend 20min analyzing the response header info and looking for compatible UA's to login with blabla. The first step is obvious, you need a specific 'UA'. I literally overthought it so much, the answer went over my head. Dont over complicate yourself. This is a simple one if you pay attention.

  • drumskillz

    Learned something new doing this one! Well done.

  • blackghost

    http://awesomesauce.com/ is not working and showing " Error 522 Ray ID: 5c51f3e53ff917b7 • 2020-08-19 06:53:06 UTC " >>> Host error.

    What to do?????

  • mevenX1ng

    Would have rated this a medium. Good for teaching the basics of HTTP headers.

  • leakpWn

    Liked it. Good for beginners to learn

  • kaimarai

    its really easy when u learn how to google the flag LOOOOOOOOOOOOL

  • Purtrex

    Tough the challenge was broken when i got to the website but you dont need to visit it!

  • Purtrex

    Tough the challenge was broken when i got to the website but you dont need to visit it!