OWASP Top 10 2021 - Cryptographic Failures (Challenge) writeup

The provided page 'Sense and Sensitivity!' are as follows:

It shows up simple welcome page, seems like there is no interesting information here.

 

There's one login page in /login.php

Inside the source code of /login.php, there is one interesting comment indicating that database is being stored in /assets.

 

 

boom! webapp.db can be located here,

webapp.db is a SQLite database file, by using SQLite I can reveal the information

 

there are two tables: "sessions, and users"

It is way too obvious that users table is the table which stores user credentials. Now I will indicate the table:

There are two admin users, admin and Bob. We got the username and password. However, the password is hashed. I need to crack it to get plaintext.

rainbow table can be used to easily crack known hashes.

As a result, the username and password of admin is "admin", "qwertyuiop"

 

THM{Yzc2YjdkMjE5N2VjMzNhOTE3NjdiMjdl}

Flag achieved!