Anthem
Let's run nmap scans to find open ports and services.
Let's visit the webserver.
Looking at the articles, we have a poem, and it looks like the admin wrote it, so let's see who wrote this poem.
We have a username. Let's check robots.txt, as we saw some interesting information in the nmap scan.
Looks like a password, let's save it for later. Looking through the directories, there is a login page on /umbraco.
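A defender-side check for the exposure seen here, as an added example that is not part of the original write-up: it audits a robots.txt body for lines that are not crawler directives (such as a stray secret) and for Disallow entries that advertise a management path like /umbraco. The sample file, the placeholder value and the hint list are constructed for illustration.

```python
# Field names from RFC 9309 plus commonly used extensions.
KNOWN_FIELDS = {"user-agent", "allow", "disallow", "sitemap", "crawl-delay", "host"}
# Assumption: path fragments that usually point at a management interface.
SENSITIVE_HINTS = ("umbraco", "admin", "login", "backup", "install")

# Constructed sample; the first line stands in for a secret left in the file.
SAMPLE = (
    "ExamplePlaceholderValue123\n"
    "\n"
    "# crawl rules\n"
    "User-agent: *\n"
    "Disallow: /images/\n"
    "Disallow: /umbraco/\n"
)


def audit_robots(text):
    """Return (stray_lines, sensitive_disallows) as lists of (lineno, text)."""
    stray, sensitive = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comment-only lines are valid
        field, sep, value = line.partition(":")
        name = field.strip().lower()
        if not sep or name not in KNOWN_FIELDS:
            # Not a directive at all: anything here is served to every visitor.
            stray.append((lineno, line))
            continue
        if name == "disallow":
            path = value.split("#", 1)[0].strip()  # drop a trailing comment
            if any(hint in path.lower() for hint in SENSITIVE_HINTS):
                sensitive.append((lineno, path))
    return stray, sensitive


if __name__ == "__main__":
    stray, sensitive = audit_robots(SAMPLE)
    for lineno, line in stray:
        print(f"line {lineno}: not a robots directive, review for secrets: {line!r}")
    for lineno, path in sensitive:
        print(f"line {lineno}: Disallow discloses a management path: {path}")
```

Disallow only asks crawlers to stay away; the listed paths still need authentication of their own.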
We do not have credentials. We also know that the CMS version this page is using is Umbraco. The domain is on the home page of the webserver. We can find the email of the admin in the We are hiring article.
With this email, we can assume the email format of the admin.
The first flag can be found in the source code of the We are hiring page.
Now we know that the flag format is THM{}, so we can use Ctrl + F to find flags on a page. Let's check if there are any other flags on this page.
We have another file
The third flag can be found in the link in the source code that takes us to /authors/jane-doe.
We can find the fourth flag in the source code of the A cheers to our IT department page.
Now that we have credentials, we can log in through the login portal that we found earlier.
We have nothing of interest, so let's log in to the Windows machine using remmina. Let's first install the app.
Let's log in.
We are logged in, let's see the user file on the desktop.
Let's open the command prompt.
We are not admin on the machine yet, so we need to escalate privileges to admin.
Looking at the hint they gave us, it is supposed to be a hidden file. Let's select the options to show hidden files/folders on the machine.
Now we see a backup folder, which is interesting.
Let's check what the folder has.
There is a restore.txt file, let's try to read it.
So we do not have permissions. Let's go to Properties > Security > Add and then add users so that we can read the file.
Now we can read the file.
Now let's log in as administrator, as I think this is the password for admin, and read the root flag.