UTCTF2021: Web: Source it!! (100)

This is from the UTCTF2021 CTF

Challenge Author: Rob H

For this challenge, we are given a little hint and a URL:

Here is the site:

I take a look at the source and find that it is doing client-side authentication in JavaScript:

I see that the password’s MD5 hash is “1bea3a3d4bc3be1149a75b33fb8d82bc”

A quick google search for that hash and I see that is has already been cracks and is “sherlock“.

I try logging in as admin with password sherlock and I’m in: