The company hired an inexperienced developer, but he told them he hided the database and have it encrypted so the website is totally secure, can you prove that he is wrong ??
started by visiting the website, and found this interesting thing in the source code
so visiting this directory did not give us anything. I tried to go to secret-admin and it gave me a login page
Found a hidden directory in the login’ source code
look to the great directory that is written!
visiting it fave me this string
This is a MD5 string, decrypt it and you will get the flag
