Suninatas Game 08

Post author: vkkkv
Post link: <a href="https://vkkkv.github.io/ctf/wp/Suninatas/suninatas-game-08/" title="Suninatas Game 08">https://vkkkv.github.io/ctf/wp/Suninatas/suninatas-game-08/
Copyright Notice: All articles in this blog are licensed under <span class="exturl" data-url="aHR0cHM6Ly9jcmVhdGl2ZWNvbW1vbnMub3JnL2xpY2Vuc2VzL2J5LW5jLXNhLzQuMC8="> BY-NC-SA unless stating additionally.

Posted on 2026-02-09 Edited on 2026-03-02 In ctf Views: Disqus: Word count in article: 108 Reading time ≈ 1 mins.

challenges

Game 08

1 2	<!-- Hint : Login 'admin' Password in 0~9999 --> <!-- M@de by 2theT0P -->

zaproxy btw

use fuzz and numberzz 0-9999

POST http://suninatas.com/challenge/web08/web08.asp HTTP/1.1
host: suninatas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.9
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
Origin: http://suninatas.com
Connection: keep-alive
Referer: http://suninatas.com/challenge/web08/web08.asp
Cookie: ASPSESSIONIDQSBTDCST=FNDPAPJCJDFBJAAENDCKDGDK
Upgrade-Insecure-Requests: 1
Priority: u=0, i

id=admin&pw=1 <-!!

l3ruteforce P@ssword