This one was easy too.
The goal is to log in to this interface.
Note: I did the rest of the challenge with curl.
After some tries, a hint was released:
"think of default files when using source code management systems…"
So source code management sounds like git or svn to me.
Let's see if we can get the .git file!
Bingo, it works 🙂
Let’s use the default credentials ping/pong and see what happens.
We can see some interesting headers in the response!
By quickly googling df911f0151f9ef021d410b4be5060972, I noticed that it corresponds to md5("ping").
Knowing that, we can build our attack!
type=user ==> type=admin; flag=md5('ping') ==> flag=md5('john'); name=ping ==> name=john
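Why this edit is accepted, and what the server-side fix looks like, as an added Python example (not code from the challenge or its author): `flag` is an unkeyed MD5 of `name`, so the client can recompute it, and `type` is not covered at all. The verify functions, the field dictionaries and `SERVER_KEY` are assumptions made for illustration; the challenge's server code is not shown on this page.

```python
import hashlib
import hmac

# Assumption: a random secret that never leaves the server (constructed value).
SERVER_KEY = b"constructed-demo-key"

def weak_flag(name: str) -> str:
    # Scheme from the write-up: flag = md5(name), no secret involved.
    return hashlib.md5(name.encode()).hexdigest()

def weak_verify(f: dict) -> bool:
    # Hypothetical server check: 'type' is not covered, and md5 is public.
    return hmac.compare_digest(f["flag"], weak_flag(f["name"]))

def strong_flag(name: str, type_: str) -> str:
    # Hardened form: HMAC-SHA256 over every field the server later trusts.
    # Length prefixes keep ("ab", "c") and ("a", "bc") from colliding.
    msg = f"{len(name)}:{name}|{len(type_)}:{type_}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def strong_verify(f: dict) -> bool:
    return hmac.compare_digest(f["flag"], strong_flag(f["name"], f["type"]))

def demo() -> dict:
    # Constructed field sets mirroring the values named in the write-up.
    issued = {"type": "user", "name": "ping"}
    edited = {"type": "admin", "name": "john"}
    results = {
        # Weak scheme: the client recomputes the flag for the edited name.
        "weak_issued": weak_verify({**issued, "flag": weak_flag("ping")}),
        "weak_edited": weak_verify({**edited, "flag": weak_flag("john")}),
        # Keyed scheme: without SERVER_KEY the client can only guess a flag.
        "strong_issued": strong_verify(
            {**issued, "flag": strong_flag("ping", "user")}),
        "strong_edited_md5": strong_verify({**edited, "flag": weak_flag("john")}),
        "strong_type_only": strong_verify(
            {**issued, "type": "admin", "flag": strong_flag("ping", "user")}),
    }
    return results

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:18} accepted={accepted}")
```

Keeping role and identity in a server-side session, with only an opaque random session ID sent to the client, removes the need to trust these fields at all.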