search

Task 11 - Sensitive Data Exposure (Challenge)

hashtag
Task 11 [Severity 3] Sensitive Data Exposure (Challenge)

hashtag
What is the name of the mentioned directory?

circle-exclamation

HINT: Have a look at the source code on the /login page.

chevron-rightReveal Flag 🚩hashtag

🚩/assets

hashtag
Navigate to the directory you found in question one. What file stands out as being likely to contain sensitive data?

chevron-rightReveal Flag 🚩hashtag

🚩webapp.db

hashtag
Use the supporting material to access the sensitive data. What is the password hash of the admin user?

chevron-rightReveal Flag 🚩hashtag

🚩6eea9b7ef19179a06954edd0f6c05ceb

hashtag
Crack the hash. What is the admin's plaintext password?

circle-exclamation

HINT: Read the supporting material

chevron-rightReveal Flag 🚩hashtag

🚩qwertyuiop

hashtag
Login as the admin. What is the flag?

chevron-rightReveal Flag 🚩hashtag

🚩THM{Yzc2YjdkMjE5N2VjMzNhOTE3NjdiMjdl}

PreviousTask 7 - Broken Authentication PracticalNextTask 13 - XML External Entity - eXtensible Markup Language

Last updated