# Cha-Cha-Cha

We got a login page with **captcha**, also they provide us with **[Top 100 User List](top100usernames.txt)** , so we have to get in

## Target

[\*] Bypass the captcha

[\*] Brutefource login credentials

## Solution

the captcha was easy to bypass any orc reader can solve it :D


After research i got free orc reader named **Tesseract-OCR**

now we have to do simple brutefource script i will provide my script below not that much efficiency but its work ^_^

**Script [Link](Program.cs)**

After running the script we will get the credentials

**User : AURORA$JIS$UTILITY$**

**Pass: AURORA$JIS$UTILITY$**

now all we need login into the chall website and view page source search for the flag and yey we got it :D

**flag : Flag{mSRQn7vjmiBSCBFuVJKd_not_so_effective_captcha}**

Original writeup (https://github.com/MustafaRaad7/Winja-CTF-Writeups/blob/main/Cha-Cha-Cha/README.md).