findme
After entering test
as the username and test!
as the password, we see the following page:
I tried accessing /flag after the domain, but I had no luck. I then noticed something. Between the login and the page with the screenshot mentioned above, we are being redirected. If I can edit those redirects or see what encoding they are using, I can try to get a flag that way. I then used Intruder in Burpsuite to see what the situation was.
After logging in, I saw the the id
being mentioned in the URL:
If we scroll over the test, we can see that it is encoded with Base64, and that we might get the flag in multiple redirects.
That was the flag.
Last updated