[Task 12] [Day 3] Sensitive Data Exposure (Challenge)
#1 Have a look around the webapp. The developer has left themselves a note indicating that there is sensitive data in a specific directory.
What is the name of the mentioned directory?
Answer> /assets
#2 Navigate to the directory you found in question one. What file stands out as being likely to contain sensitive data?
Answer> webapp.db
#3 Use the supporting material to access the sensitive data. What is the password hash of the admin user?
Answer> 6eea9b7ef19179a06954edd0f6c05ceb
#4 Crack the hash.
What is the admin’s plaintext password?
Answer> qwertyuiop
#5 Login as the admin. What is the flag?
Answer>THM{Yzc2YjdkMjE5N2VjMzNhOTE3NjdiMjdl}