This is from the UTCTF2021 CTF
Challenge Author: Rob H
For this challenge, we are given a little hint and a URL:
Here is the site:
I take a look at the source and find that it is doing client-side authentication in JavaScript:
I see that the password’s MD5 hash is “1bea3a3d4bc3be1149a75b33fb8d82bc”
A quick google search for that hash and I see that is has already been cracks and is “sherlock“.
I try logging in as admin with password sherlock and I’m in:
