PicoCTF an Introduction to Bookmarklet

This is an easy challenge in the web category. Before looking into it what is a bookmarklet?

A bookmarklet is a small JavaScript program that can be executed directly from your browser's bookmarks bar. Unlike traditional browser extensions, bookmarklets require no installation or configuration.

Here is an example :

On clicking the bookmarklet, and it will show a footer panel that lists all the web directories within the page. (using a web scraper)

Now let's see what the challenge is about. In this challenge, we will learn how this bookmarklet is setup.

It takes you to this site :

Let's try to create a bookmarklet using the code they provided. The steps are simple. Create a new bookmark. Go to chrome://bookmarks/ click on add a new bookmark.

Add the script in the URL bar and click save.

The next step is to pin the bookmarklet in the taskbar. Drag and drop from the bookmark page.

Now click on the picoctf boomaklet, it will reveal a flag.

Here is the code for the Blackline scanner bookmarklet , try it out in your chrome.

That's it for this article. Hope you learned about bookmarklets.

I am currently working on LiveAPI. Get all your backend APIs documented automatically (AI-based solution), do give it a try it supports 50 backend frameworks and 15 programming languages.