Thailand Cyber Top Talent 2022 – CTF THAILAND
Writeup!! Web-challenge01
* I found flags in last 5 minute before end time.
1st step : survey target website and guessing how to find flag?
2nd step : Use : dirb to start find some hidden directory or some page but not have
3 : let check website by menu and found login.php
4 : find credential from website, found Mario Maurer (web administrator and office in bangkok)
![](https://www.engiblog.com/wp-content/uploads/2022/10/web01-01.png)
5 : try login with username : mario and password : password (known from others challenge in TCTT-2022)
![](https://www.engiblog.com/wp-content/uploads/2022/10/web01-02.png)
Final : Yessssss!! found it.
![](https://www.engiblog.com/wp-content/uploads/2022/10/web01-03.png)
flag : tctt2022{W3lc0me_@m!n_Acc3$$}