🥷
TryHackMe
  • 🥷TryHackMe
  • Web Hacking Fundamentals
    • OWASP Top10
      • Task 5
      • Task 7
      • Task 8~11
      • Task 12~16
      • Task 20
      • Task 21~26
      • Task 29
  • Jr Penetration Tester
    • Introduction to Cyber Security
  • Red Teaming
    • Red Team Fundamentals
  • EXTRA
    • Advent of Cyber 2022
      • Day 1
      • Day 2
      • Day 3
      • Day 4
      • Day 5
      • Day 6
      • Day 7
      • Day 8
      • Day 9
      • Day 10
      • Day 11
Powered by GitBook
On this page
  • What is the name of the Registrar for the domain santagift.shop?
  • Find the website's source code (repository) on github.com and open the file containing sensitive credentials. Can you find the flag?
  • What is the name of the file containing passwords?
  • What is the name of the QA server associated with the website?
  • What is the DB_PASSWORD that is being reused between the QA and PROD environments?
  1. EXTRA
  2. Advent of Cyber 2022

Day 3

PreviousDay 2NextDay 4

Last updated 2 years ago

What is the name of the Registrar for the domain santagift.shop?

whois santagift.shop |grep -i registrar

Namecheap Inc

Repo link

{THM_OSINT_WORKS}

What is the name of the file containing passwords?

config.php

What is the name of the QA server associated with the website?

In the README.md description shows:

qa.santagift.shop

What is the DB_PASSWORD that is being reused between the QA and PROD environments?

Inside the config.php website we can find the DB_PASSWORD variable with the value:

S@nta2022

Find the website's source code (repository) on and open the file containing sensitive credentials. Can you find the flag?

github.com
GitHubGitHub
Logo