Secretive Flights Challenge ~ WinjaCTF2021

Mr. RC
3 min read, Mar 13, 2021

Hello hackers!!!!!
In this writeup, I am going to give a walkthrough of a challenge from WinjaCTF 2021!

The CTF was fun and awesome and the challenges were also great!
So let’s dive into the challenge…

The description gave me a hint that I had to find some secret directory.

When I opened the URL mentioned in the challenge, this page showed up:

Ooh, admin?? I thought I would have to do SQL injection there, but then I remembered the description and thought the credentials could be in a file, so why not try that first.

I fired up ffuf with medium lowercase.txt, and after some fuzzing it found a passwords.txt. When I opened the file in the browser, it had some passwords. I thought the username would probably be admin and one of these would be its password, but around the same time ffuf found another file, usernames.txt, and then I knew what I had to do.

I made a Python script which looked like this:

This script takes each username from usernames.txt, tries every password from passwords.txt by sending a POST request to the login page, and then checks the response for the error message. If the error message is present it continues; otherwise it stops and prints the username and password it found. After running this script I had the admin's username and password, quickly logged into the admin panel, and there was this page:
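From the defender's side, the sequence described above (hits on exposed credential files, then a burst of login POSTs from one address) is easy to spot in web-server logs. The following is an added example, not the author's script: it runs over constructed combined-format log lines and assumes the login form posts to /login; since a failed login here still returns 200, the burst rule deliberately ignores the status code.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in combined-log style; not taken from the challenge server.
SAMPLE_LOG = """\
10.0.0.5 - - [13/Mar/2021:10:00:01 +0000] "GET /passwords.txt HTTP/1.1" 200 512
10.0.0.5 - - [13/Mar/2021:10:00:01 +0000] "GET /usernames.txt HTTP/1.1" 200 128
10.0.0.5 - - [13/Mar/2021:10:00:02 +0000] "POST /login HTTP/1.1" 200 1024
10.0.0.5 - - [13/Mar/2021:10:00:02 +0000] "POST /login HTTP/1.1" 200 1024
10.0.0.5 - - [13/Mar/2021:10:00:03 +0000] "POST /login HTTP/1.1" 200 1024
10.0.0.5 - - [13/Mar/2021:10:00:03 +0000] "POST /login HTTP/1.1" 200 1024
10.0.0.5 - - [13/Mar/2021:10:00:04 +0000] "POST /login HTTP/1.1" 302 0
10.0.0.9 - - [13/Mar/2021:10:00:06 +0000] "POST /login HTTP/1.1" 302 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
SENSITIVE = {"/passwords.txt", "/usernames.txt"}  # files that should never be served

def parse(line):
    """Return (ip, timestamp, method, path, status) or None for an unparsable line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), method, path, int(status)

def detect(log_text, login_path="/login", window_s=60, threshold=5):
    """Return alerts as (kind, ip, path): one per successful fetch of a sensitive file,
    and one per IP that sends >= threshold POSTs to login_path within window_s seconds."""
    alerts = []
    posts = defaultdict(list)
    for raw in log_text.splitlines():
        rec = parse(raw)
        if rec is None:
            continue
        ip, when, method, path, status = rec
        if method == "GET" and path in SENSITIVE and status == 200:
            alerts.append(("exposed_credential_file", ip, path))
        if method == "POST" and path == login_path:
            posts[ip].append(when)
    for ip, times in posts.items():
        times.sort()
        start = 0  # sliding window over this IP's login attempts
        for end in range(len(times)):
            while (times[end] - times[start]).total_seconds() > window_s:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append(("login_burst", ip, login_path))
                break
    return alerts
```

In practice the same rule would be paired with a lockout or rate limit on the login endpoint, and the exposed files would simply be removed from the web root.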

After looking closely, we can see that the last string in the Creds column looks like a base64-encoded string. I copied it and pasted it into CyberChef, and what I got was some weird string:

I copied the whole string and pasted it into a cipher identifier to see which cipher it was, and it showed that it was not able to identify the cipher. So I just guessed that it was probably a Vigenère or Caesar cipher, and tried decoding it with a Vigenère breaker:

And finally got the flag!!!
The challenge was fun, a mix of basic web with some crypto.

Forgive me for my bad English…

@coder_rc
