AngstromCTF_2018: Source Me 1

Category: Web Points: 20 Description:

There is only one goal: Log in.


The page source tells us the password.

<!DOCTYPE html>
<html lang="en">
    <meta charset="UTF-8">
    <title>Source Me 1</title>
<h2>Welcome to the admin portal!</h2>
Currently, only the user who can login is 'admin'.
<!-- Shh, don't tell anyone. The admin password is f7s0jkl -->
<form action="./login.php" method="get">
Username:<input type="text" name = "user"><br>
Password:<input type="text" name = "pass"><br>
<input type="submit" value="Submit">

Attempting to log in with the username admin and password f7s0jkl, we get the flag.

Welcome, admin. Here is your flag: actf{source_aint_secure}

Therefore, the flag is actf{source_aint_secure}.