# Watermelon Writeup
- **Category:** Web
- **Points:** 120
- **Difficulty:** Easy
## Challenge Description
All love for Watermelons ???
Note: The code provided is without jailing, please note that when writing exploits.
## Challenge Files
## Steps Taken
#### 1. **Registration and Login**
I navigated to `/register` and registered a user.

Next, I logged in using the newly created username and obtained the session cookie. I then copied the session cookie.

#### 2. **Exploration and Exploitation**
Upon analysis, I discovered that the admin password is stored in `app/app.py`. I also identified a file traversal vulnerability in the `/upload` directory.

The files are stored in `/file/1`. Initially, Burp Suite didn't reveal much, so I used `curl` to retrieve the `app.py` file. As a result, I successfully obtained the admin password.

#### 3. **Gaining Access**
I logged in with the admin credentials and copied the session cookies.

#### 4. **Flag Retrieval**
Finally, I sent a GET request to `/admin`, pasted the session cookie, and successfully retrieved the flag.
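
The fix for the traversal in step 2, as an added example that is not the challenge's code: a containment check for names used under an upload directory. The write-up does not show the upload handler, so the assumption here is that it joins a client-supplied name to the upload directory; `resolve_upload_path`, `check_names` and `UnsafePath` are hypothetical names.

```python
import os
from pathlib import Path


class UnsafePath(ValueError):
    """Raised when a client-supplied name would leave the upload directory."""


def resolve_upload_path(upload_dir, client_name):
    """Return the absolute path for client_name inside upload_dir, or raise."""
    base = Path(upload_dir).resolve()
    # A stored upload never needs a directory component, so reject empty
    # names, NUL bytes, both separator styles and the dot names outright.
    if not client_name or "\x00" in client_name:
        raise UnsafePath("empty name or NUL byte")
    if "/" in client_name or "\\" in client_name or client_name in (".", ".."):
        raise UnsafePath("path separators and dot names are not allowed")
    candidate = (base / client_name).resolve()
    # Check containment after resolution, so a symlink planted inside the
    # upload directory cannot redirect the read to another location.
    if os.path.commonpath([str(base), str(candidate)]) != str(base):
        raise UnsafePath("resolved path escapes the upload directory")
    return candidate


def check_names(upload_dir, names):
    """Map each name to 'ok' or to the reason it was rejected."""
    results = {}
    for name in names:
        try:
            resolve_upload_path(upload_dir, name)
            results[name] = "ok"
        except UnsafePath as exc:
            results[name] = str(exc)
    return results


if __name__ == "__main__":
    import tempfile
    # Constructed sample names, checked against a throwaway directory.
    with tempfile.TemporaryDirectory() as uploads:
        samples = ["report.txt", "../app/app.py", "/etc/hostname", ".."]
        for name, verdict in check_names(uploads, samples).items():
            print(f"{name!r}: {verdict}")
```

Keeping the admin password out of `app.py` (for example, reading it from the environment) also limits what a source disclosure like this one exposes.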

Would you please describe to me how you discovered that the admin password is stored in app/app.py?