IH8emacs
By Narcissus
We are met with a fancy shmancy site:
From the challenge name and description we understand we should look for backup files created by emacs. Generally when editing a file with emacs it creates a backup with a tilde at the end of the name, for example editing file will result in file~. So let's look for some backups.
We started with index.php~ and found a few lines of code:
<?php
//phpinfo();
?>
The rest of the file was identical to index.php.
We also found a commented out link to the administration page. Going to that page caused a login window to pop up:
We probably need to find credentials for that.
The first file we checked didn't really help us a lot. Moving forwards we tried various other files such as .htaccess~ and .htpasswd~ both in the root directory and in the administration directory.
In administration/.htpasswd~ we found hashed credentials yay!
bsidestlv:$apr1$1nKU7Tz4$2bEAlGTlz/0skDdE2EnW00
We saved the file and then ran it through John the Ripper:
Now we can try to log into the administration page again.
The username and password worked and we got the flag: BSidesTLV{D0ntF0rg3tB4ckupF1l3s}
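The defensive side of this challenge, as an added example that is not part of the original write-up: a pre-deployment check that walks a document root and reports editor leftovers such as index.php~ and administration/.htpasswd~. It goes beyond the trailing-tilde case to cover emacs auto-save and lock files and vim swap files; the function names and the list of "sensitive" extensions are assumptions made for illustration.

```python
import os
import re
import sys

# Editor leftovers by naming pattern. The trailing-tilde form is the one this
# write-up relies on; the others are additions (assumption: flag them too).
PATTERNS = [
    ("emacs backup (name~)", re.compile(r"^.+~$")),
    ("emacs auto-save (#name#)", re.compile(r"^#.+#$")),
    ("emacs lock (.#name)", re.compile(r"^\.#.+$")),
    ("vim swap (.name.swp)", re.compile(r"^\..+\.sw[a-p]$")),
]

# Originals whose copies expose secrets or raw source instead of rendered output.
SENSITIVE = re.compile(r"^(\.ht(passwd|access)|.*\.(php|inc|conf|ini|env))$")


def original_name(name):
    """Strip the editor decoration to recover the name of the edited file."""
    if name.startswith(".#"):
        return name[2:]
    if name.startswith("#") and name.endswith("#"):
        return name[1:-1]
    if re.search(r"\.sw[a-p]$", name):
        return name[1:].rsplit(".", 1)[0]
    return name.rstrip("~")


def find_editor_backups(docroot):
    """Return sorted (relative_path, kind, is_sensitive) for each leftover."""
    hits = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            for kind, rx in PATTERNS:
                if rx.match(name):
                    rel = os.path.relpath(os.path.join(dirpath, name), docroot)
                    sensitive = bool(SENSITIVE.match(original_name(name)))
                    hits.append((rel.replace(os.sep, "/"), kind, sensitive))
                    break
    return sorted(hits)


if __name__ == "__main__":
    found = find_editor_backups(sys.argv[1] if len(sys.argv) > 1 else ".")
    for rel, kind, sensitive in found:
        print(f"{'HIGH' if sensitive else 'info'}  {rel}  [{kind}]")
    sys.exit(1 if found else 0)  # non-zero exit lets a deploy pipeline fail
```

Run it against the directory that will be published; any HIGH line is a file whose original would normally be executed or denied by the server but whose copy may be served as plain text.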