Thailand Cyber Top Talent 2022 – CTF THAILAND
Writeup!! Web-challenge04

1st step : survey target website and guessing how to find flag?
website have menu to login with Admin Key.

2nd step : Use : dirb to start find more hidden directory and found many directory in directory
like : IP Address /s/e/c/r/e/t/

3 : let check /s/e/c/r/e/t/ directory have “secret”, in secret have flag.inc
check flag.inc

$secret = "N.C.S.A";

Final : use N.C.S.A for Admin key, Yessssss!! found it.

flag : tctt2022{Adm!n_S3cr3t_K3y}