you can solve it different ways i tried curl and running a python script in my terminal (wsl) and both worked and you can use burp-suite also or anything really or even using console in developer tools and making a js script . or even Using an HTML File making a button with a functional js on it so when clicked it'll grab the flag for you. The key here is To be creative solve it different ways and search and understand what you are doing

Decently easy

dead ?

use cmd line tools :)

I was rather easy

I dont get it I'm using postman to send a POST with the paramaters for username and password but it just keeps sending back the source code. What POST data am I missing to submit?

I dont get it I'm using postman to send a POST with the paramaters for username and password but it just keeps sending back the source code.

I'm LOST, please help me, I'm new to this and have no idea what I'm doing

ok, I'm brand new to this and I'm either lucky as hell or normal lucky? I opened the source code and ctrl f typed password see what shows up, two lines shows up with curl and ones has find it for the password and the other has what seemingly is a password. one has .x for the ip other has .113 so I took the one with the "real" password and replaced the .x with the .113 and entered it into my VM and it worked... I solved it... but I have no idea what curl does or how it works. I just used random thoughts in my head that sprung from the super liquid I drank this morning? (water) thoughts?

Incorrect difficulty, should be EASY

nerd emoji

curl -X POST -d 'username=<find it>' -d 'password=<find it>' http://165.227.106.113/post.php

Found how to use curl. Nice challenge :)