HDC Web Challenge — HackTheBox

Kamran Saifullah
Nov 2, 2018

After the Lernaean Web Challenge, it’s time to publish the solution to the HDC Web Challenge.

Opening the IP/Domain:IP gives us the page below.

It is the login panel of HADES DISTRIBUTION COMPANY. Common usernames and passwords do not work here.

Let’s move on to checking the source code.

So the form has the values “name1” and “name2”. Nothing else here.

Two more JS files are included. Let’s check them one by one.

myscripts.js does not contain any valuable information. Let’s check the second one. The second one is quite a large file, so let’s narrow down our search. From the source code of the form we know two values. Let’s find them.

Finding the name1 value.

We got the value for name1. Let’s find the value for name2.

We got the value for name2 as well. Let’s try to log into the panel using these values.

We are successfully logged into the panel.
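A pre-deployment check for the weakness used above, as an added example that is not part of the original write-up: it reads the input names from a login form and flags script lines that assign or compare a string literal to one of them. The HTML, the script, `login.php`, `doLogin` and the literal values are constructed for illustration, and the assumption that “name1” and “name2” are input names is mine; the challenge's real script is not reproduced.

```python
import re
from html.parser import HTMLParser

# Constructed sample inputs; not the challenge's real page or script.
SAMPLE_HTML = """
<form method="post" action="login.php">
  <input type="hidden" name="name1">
  <input type="hidden" name="name2">
</form>
"""
SAMPLE_JS = """
function doLogin() {
  var form = document.forms[0];
  form.name1.value = "example-user";
  form.name2.value = "example-pass";
  form.submit();
}
var label = "name1 is required";
"""

class FieldNames(HTMLParser):
    """Collect the name attribute of every <input> tag."""
    def __init__(self):
        super().__init__()
        self.names = []
    def handle_starttag(self, tag, attrs):
        name = dict(attrs).get("name")
        if tag == "input" and name:
            self.names.append(name)

def form_field_names(html):
    parser = FieldNames()
    parser.feed(html)
    return parser.names

def hardcoded_field_values(html, js):
    """Return (line_no, field, literal) where a script line binds a literal to a form field."""
    findings = []
    for field in form_field_names(html):
        # Matches field = "x", field.value = "x", field == "x", "field": "x"
        pattern = re.compile(r"""\b%s\b["'\]]*(?:\.value)?\s*(?:={1,3}|:)\s*(["'])(.*?)\1"""
                             % re.escape(field))
        for line_no, line in enumerate(js.splitlines(), 1):
            match = pattern.search(line)
            if match:
                findings.append((line_no, field, match.group(2)))
    return findings

if __name__ == "__main__":
    print(hardcoded_field_values(SAMPLE_HTML, SAMPLE_JS))
```

Any finding means a secret is being shipped to every visitor; the comparison belongs on the server, and the literal should be rotated once it has been published.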

There is nothing special for us in the Goals and Publicity panels. We have to focus on the Main Tasks panel.

So we can send emails using this CONTROL PANEL. But for that we need to find the users and their emails. Let’s check the MailBox.

Okay, so this is the Special Customer’s Mailbox. Nothing seems to be here as well. But wait! Why is there a text icon? Let’s open it in a new tab.

It is just a GIF image, but wait. Did you notice the URL in the address bar? The “secret_area_”. Let’s check whether there is Directory Listing here.

Oh yes! We have successfully found the mails.txt file. We were desperately looking for this file. Let’s open it up.

We have different users and their emails here. But wait, do you really know what we have to do with these emails? Let’s take a look back in case you didn’t notice it.

We have to find the individual who uses this website for shady business and we are required to send him an email.

Let’s fire up Burp Suite. Intercept the email request. Send it to Intruder. Add all the emails in the payload.

Select the position. For email we need the name1 position.

Add all the emails in the payloads.

Start the attack and wait.

Here we go!

We have successfully found the KEY and the individual who is using this website for the shady business is.

That’s all. We have completed another web challenge successfully.

Thanks for reading.
