What's up, YouTube? This is a video write-up for the Central Savings Account challenge from TJCTF, the recent Capture the Flag competition. Challenge prompt is, "I seem to have forgotten the password for my savings account. What am I going to do?" It gives us a note here: the flag is not in the standard flag format.
So this is a web challenge. We can check out this page. It says, "Central Savings Account, please log in to proceed." I'll type in "please subscribe", or just "please sub", whatever. And I get "login failed". Okay, so let's go ahead and take a look at what this actually is.
If we right-click and view the source, or hit Ctrl+U, we can check out the HTML, JavaScript, CSS, everything that's actually behind it. And I'm looking through this, okay, trying to reach out to a style sheet, get some Bootstrap in there. Looks like there's a form, but it doesn't specify there's a POST method or anything. It doesn't actually specify where it's going to, or really any of that. So it doesn't look like it's actually calling to another page. There's no PHP in the background to process this. So I'm assuming it's handling it with JavaScript.
So I see other jQuery and JavaScripts, Bootstrap links, et cetera. But there is one regular file just on the webpage, static main.js. So let's check that out. Looks like it has an MD5 function that looks like a lot of garbage. I don't particularly care to see that. I'm worried about, and I'm concerned about, the login and actual authentication process. So I scroll down, et cetera, et cetera. I could hit Ctrl+F and just go for, like, "login". And then it takes me down to the very bottom.
Okay, so it is using JavaScript to handle this login request. It checks, okay, once we submit the form, it'll run MD5 on the value of the password field that we enter, to lowercase, and checking it against this. So this must be a hash. This must be an MD5 hash. And if we get it, then we successfully log in.
It doesn't give us a flag, but we know that, okay, since the flag is, for this challenge, it's not the typical flag format, it just must be what this password is when we have it hashed. So we have to get the original source of this hash. We have to crack this MD5 hash. So let's go ahead and do that.
We can go to, like, CrackStation or HashKiller or any of these things. We can just use an online tool for this. CrackStation is fine. I'll paste it in there, run through a CAPTCHA, and we can crack hashes. We see the password is Avalon, okay? So if I went back to actually check out this page, pasted it in, we see "login succeeded". So that means that must be our flag. We can go ahead and submit that. And that would get us 10 more points up on the scoreboard.
So I am not going to bother writing a get flag script for that because it is going to have to crack a hash. We could, if we really wanted to, but I do want to keep track of the flag and save it in case I need it in a later scenario. And I think that's good practice that you should do it too.
Great. Special shout out to the people that support me on Patreon. You guys are fantastic. A $1 a month on Patreon will give you early access. Whoa! Just kidding. $5 a month on Patreon will give you early access. $1 a month will just give you a special shout out. I'm trying to run through this outro, like, faster because it's stupid and annoying. So hey, please do like, comment, and subscribe. Join our Discord. Link in the description. You're the best. See you in the next video. Bye!