Hacktivitycon 2021


Solved By : thewhiteh4t

  • In this challenge we were given a website of a company
  • Two things which instantly caught attention were URL Capture and Admin buttons
  • URL capture service accepts a URL and takes screenshot of the webpage

  • Admin page got a login
  • First idea was to try http://localhost and it worked

  • This is same as the loading splash screen I saw while loading the challenge website
  • Next I checked robots.txt and got 200 and this revealed a new path /server-status

  • Next I obviously tried to access /server-status and got 200 again

  • And in the logs you can see the login credentials!

Published on : 20 Sep 2021