Skip to main content

Walking An Application

Walking An Application

The first two Tasks were just setting up the VPN and reading web information.

Exploring The Website

Viewing The Page Source

I checked out the main page:

I then checked out the source code for the page, and found this:

Clicking that link leads me to the following page:

I went after this question next:

I noticed this in the comments:

Following this link, got me the flag:

This was the next question:

I ran feroxbuster on the URL:

I was running through the different links, and got one that the question was about:

I then got the flag:

This was the last question:

I went back into the main website page, and I saw this comment:

This led me to the following:

I found something interesting in the Change Log:

Going to <Website.com>/tmp.zip got me a file, which had the following information:

Developer Tools - Inspector

For this Task, we go to <Website.com>/news/article?id=3.

We then have to remove the paywall. I found the following in the Inspector code:

If you delete the node (right-click on the line and hit "Delete Node"), you can then see the flag:

Developer Tools - Debugger

For this task, the THM Author walks us through what to do. Essentially, you have to setup a breakpoint and wait for the flag to show up. For this, I went to the contact page. Then I opened the Debugger tab, and went to the flash.min.js file. After clicking on the flash['remove']();, which set up the breakpoint on the line, and I got the flag:

Developer Tools - Network

For this one, I followed what the task said, and eventually found the flag. I typed random things in the fields, and then found the flag in the Response section: