Can you find a way to login as the administrator of the website and free nginxatsu?
- We have a nice login page, but we don’t have any credentials
- So first let’s create a new account
- After logging in we can able to generate a config file
- Generated configs can be downloaded here
- By hovering the raw config reveals an interesting directory “/storage”
- There are many config files, and there’s a file named “v1_db_backup_1604123342.tar.gz“
- Let’s open it in sqlite3
- There’s a table named “users“
- And it contains the email and passwords, let’s try to crack that hash “e7816e9a10590b1e33b87ec2fa65e6cd“
- So the credentials are
nginxatsu-adm-01@makelarid.es:adminadmin1
- After logging in with that credentials, we got our flag:
HTB{ng1ngx_r34lly_b3_sp1ll1ng_my_w3ll_h1dd3n_s3cr3ts??}