DefendTheWeb.net, previously called HackThis.co.uk, is a very famous and well-known interactive security platform where you can learn and challenge your skills.. It contains challenges from several different cybersecurity fields.
I’ve decided to have a bit of fun and try to solve every single challenge presented, from the easiest to the hardest. (although easy and hard will be different depending on your skillset and field of expertise).
As I do with any challenge website, I WILL NEVER post the flag in cleartext, as it kills the fun and thrill of finding it, however I will post my way (or ways) of getting there. This is done in respect of the website’s security and non-disclosure policy, even when it doesn’t have one ;).
Challenge Intro 4
This challenge is rated as Intro, so it might be easy to solve. This time the author only gives us only a Username and Password login page, followed by a “[ Log in ]” button.
Using our beloved Google Chrome Dev Tolls (F12), let’s look into our authentication form, and see if there is anything interesting in there.
… and indeed we have found something interesting. Look at the hidden field, there is a mention to a password file. Just follow the URL provided to the JSON file, and there you have it.
I hope you liked this one, see you on the next challenge!
