Intro 9 | Defend the Web

Don’t reset password, just email plaintext credentials to yourself

Hacker Silhouette | Credit: B_A on Pixabay

Problem

Alright another username/password entry with a third mysterious box. We can request the password via email, which is a bad idea, but let’s exploit it. Only knowledge is understanding of HTML forms and how to manipulate HTML elements.