Challenge Overview
The flag is somewhere on this web application not necessarily on the website. Find it.
Check this out.
Solution
Based on the challenge name Roboto and the description as well as not finding it another way I started with going to the /robots.txt path. The robots.txt path is mainly used for web crawlers and to let them no to not index certian pages.
This is what was on the robots.txt page.
There are many things to try on this page that could work. So I went to /cgi-bin/ and /wp-admin/ and there was nothing there. But also the text part looks like base64 because of the "==" padding.
When you put it into cyberchef this is what you get.
ZmxhZzEudHh0 -> flag1.txt
anMvbXlmaWxlLnR4dA== -> js/myfile.txt
Not sure what the last line was. After this I tried these paths
/flag1.txtcgi-bin/flag1.txtjs/flag1.txt
And then I just put in js/myfile.txt and it was just that to get the flag.
This link: http://saturn.picoctf.net:55771/js/myfile.txt. Returned the flag on the page.
Flag: picoCTF{Who_D03sN7_L1k5_90B0T5_22ce...}