Today’s post is going to go over the second challenge of the OWASP Hackademic Challenges Project.
Below is the scenario:
Your Country needs your help for finding the password of an enemy site that contains useful information, which if is not acquired on time, peace in our area will be at stake.
You must therefore succeed in finding the password of this military SITE.
Entering the site – we get the following:
Doing a page source we see the following:
Now we need to analyze what the method returns.
Going back to the challenge, and entering what is in the dialog box = enter a coin to play – we get the following screenshots:
Looking at the address bar after the index.php – we see a parameter of result that has our password in the address bar.
- After doing this we were able to obtain the password and enter it in the input box.
Once again – looking at the page source reigns again! 🙂