🏁 Hidden File Mystery

Learn one of the most important CTF skills: finding information that others miss.

📂 Incident Briefing

A junior administrator uploaded files to a web server.

They claim:

“The flag file was deleted.”

Investigators aren’t convinced.

Your mission is to locate the hidden flag.

🎯 Challenge

You discover the following directory listing:

index.html

about.html

contact.html

backup.zip

images/

css/

Which file deserves immediate investigation?

🤔 Think Like An Investigator

Experienced CTF players ask:

• What looks unusual?
• What shouldn’t be there?
• What might contain historical data?

💡 Hints

Hint 1

Developers often forget to remove backup files.

Hint 2

Archives frequently contain old versions.

Hint 3

Look closely at:

backup.zip

🛠 Common Tools

• Linux unzip
• 7-Zip
• strings
• file

These tools appear constantly in beginner CTFs.

🔍 Investigation Result

Opening:

backup.zip

reveals:

old-index.html

notes.txt

flag.txt

Inside:

flag{enumeration_first}

🏆 Key Lesson

Beginners often jump straight into exploitation.

Experienced players start with enumeration.

Look First
Attack Later

🕵️ Metadata Detective

Learn how hidden metadata inside files can reveal information that was never meant to be public.