You're probably thinking too hard about this.Hint:
Remember that time when you guessed the admin password? Yeah.Solution:
Target: http://web.camsctf.com/2/ OK, Brute force time was begin. :D, Open Burp Suite and Intercept HTTP Request and send to Intruder tab with wordlist.
password=letmein
Flag: {still_b3tter_than_princess}
I dont understand, why you know it must brute force time ??
ตอบลบwhen I read a hint. I try to find some wordlist to brute force it.
ลบlol when i did it i looked up a list of popular admin passwords and the first one was the correct password
ตอบลบ