1  Category: #Web 
2  Rated Difficulty: #Easy 
3  Personal Difficulty: #Medium 
4  
5  This feels like a pretty shit challenge tbh
6  
7  You get a login page and you manage to login using unsanitized [[LDAP]] login. Just input \* on both fields 
8  
9  Then you try to login as `reese` and get the flag from the password using script