@FlameOfIgnis said:
@PT3 said:
It’s been quality CTF. I mean when I have to search though multiple “image” files to find a text file with a PW to login. Or extracting a “hash” from somewhere and spending time to crack it, only to find out the “hash” is in fact a password for the account elsewhere. Thats awesome CTF because it just DOESN’T happen in the REAL world. HTB get its time to REAL.Full on agreed about the first point, but to be honest, if i understand the box you are talking about correctly(lw?), you should have guessed there wouldnt be a hashed password in the login request
There would be in this kind of login request. It’s a clear text protocol and thats how it works. The pw in not passed in clear text. But then again I always use the hash of my pw as a pw somewhere else cause it’s just cool and so easy to remember.