CTF WRITE UP
Logon
Points: 150
Category
Web Exploitation
Question
I made a website so now you can log on to! I don't seem to have the admin password. See if you can't get to the flag. (link)
Hint
Hmm it doesn't seem to check anyone's password, except for admins?
How does check the admin's password?
Solution
Using any password and username, you will be able to login, however, upon logon,you will be greeted by:
Success: You logged in! Not sure you'll be able to see the flag though.
No flag for you
Upon inspection of cookies, it can be seen that there exists a cookie names admin with the value false
admins False 2018shell1.picoctf.com / 1969-12-31T23:59:59.000Z 10
password password 2018shell1.picoctf.com / 1969-12-31T23:59:59.000Z 20
username username 2018shell1.picoctf.com / 1969-12-31T23:59:59.000Z 20
Changing the value of admin to True will result in the printing of the flag.
Flag
picoCTF{l0g1ns_ar3nt_r34l_a280e12c}
Video ( CTF WALKTHROUGH )
Youtube Link - click Here 👈
0 comments:
Post a Comment