This is a writeup of how I went about solving the web challenge from the h1-702 CTF, including my thought process as I navigated through the wrong and right paths to reach a solution. If you're only interested in what the correct steps were, skip to the TL;DR at the end.
Upon navigating to the challenge URL, we're greeted with a message:
Notes RPC Capture The Flag Welcome to HackerOne's H1-702 2018 Capture The Flag event. Somewhere on this server, a service can be found that allows a user to securely stores notes. In one of the notes, a flag is hidden. The goal is to obtain the flag. Good luck, you might need it.