We were a bit thrown off by this challenge. We shouldn’t have been, but because one of our members already tried most of the obvious hostnames for the mozillactf.org domain, we thought we had to look for other hidden clues. After we finished all the other challenges, we decided to do a brain storm session and go over all previously checked things once more. Some of us tried to see if there was a link between challenge 12 and challenge 21, since everyone that solved 21 also had 12. We figured it might be something on the challenge12 server that we didn’t find while working there. Some of us started looking there, while others started looking at possible missed cookie tricks, since that was the solution for 12.
Once we decided there was nothing there, we finally took another look at obvious host names and we came up with the http://challenge0.mozillactf.org website. Some of us started looking for obvious files and directories and someone else dove into the source of the home page.
<!-- tihihi, you found it 🙂 80DJeUKwAqH2FbrkY8BIEY1cg -->
Of course, the flag was hidden right in the first page, and we finished our last challenge with a little time left to catch some sleep.