OWASP Top 10 – (3) Sensitive Data Exposure


What is the name of the mentioned directory?

Navigate to the directory you found in question one. What file stands out as being likely to contain sensitive data?

Use the supporting material to access the sensitive data. What is the password hash of the admin user?

Crack the hash. What is the admin’s plaintext password?

Login as the admin. What is the flag?
