[Day 3] Christmas Blackout

{Web Exploitation = Content Discovery}

Challenge

Accessing the site reveals a login form as shown below.

Since there was no attack vector via the main page, I scanned the web directory for hidden directories with the command below.

gobuster dir -u http://10.10.11.109/ -e -w /usr/share/wordlists/dirb/common.txt -t 100 -x .php,.txt,.html,.cnf,.conf | tee gobuster.log

While running that, I noticed a URL 10.10.11.109/admin with a redirect status code.

Using a common wordlist for discovering content, enumerate http://10.10.11.109 to find the location of the administrator dashboard. What is the name of the folder?

  • admin

10.10.11.109/admin/ returned the following.

Trying administrator:administrator logged me into the admin portal and revealed the flag!

In your web browser, try some default credentials on the newly discovered login form for the "administrator" user. What is the password?

  • administrator

Access the admin panel. What is the value of the flag?

  • THM{ADM1N_*****}

Previous[Day 2] Elf HR ProblemsNext[Day 4] Santa's Running Behind

Last updated

Was this helpful?