WM01

Last updated 4 years ago

About The Challenge

Type: Web
Difficulty: Medium

Solution

The fourth web challenge is about manipulating cookies.

First of all, there is a login page, as the figure above illustrates. In the beginning I tried to bypass the login page using SQL injection, but it appeared it was not vulnerable.

Then I moved on to inspect the source code, and I found three interesting pieces of data:

  • An HTTP POST request.

  • The URL that the POST request is sent to.

  • The parameter included inside the request.

Finally I identified that there is a POST request sent to an API endpoint to check the existence of the user.

Then I fired up my terminal to check the response of the request by making a curl request, and I successfully got a response from the server.

After that I used Burp Suite to capture the HTTP POST request and run an Intruder attack (brute forcing the id parameter).

After completing the Intruder attack, I was able to get the flag by identifying the request whose response had a different size.

Flag: pReDiCTaBlE_ToKENs-11890
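The sweep described above leaves a very recognisable trace on the server side: one client hammering the user-check endpoint with many distinct, mostly consecutive id values in a short window, and the one valid id betrayed by a response of a different size. The following is an added detection example, not part of the original writeup or the challenge; the endpoint path /api/check_user, the key=value log format and the sample log lines are all constructed assumptions, since the page does not give the real URL or logs.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed application log for a user-existence endpoint. The path and the
# key=value format are assumptions; the challenge page does not give them.
# Client 10.0.0.5 sweeps ids 1001..1010 in four seconds; id 1004 answers with a
# larger body (the "different size" a brute-force reveals). Client 10.0.0.9 is
# a normal user re-checking one id.
SAMPLE_LOG = """\
2020-12-12T10:00:00Z client=10.0.0.5 method=POST path=/api/check_user id=1001 status=200 bytes=57
2020-12-12T10:00:00Z client=10.0.0.5 method=POST path=/api/check_user id=1002 status=200 bytes=57
2020-12-12T10:00:01Z client=10.0.0.5 method=POST path=/api/check_user id=1003 status=200 bytes=57
2020-12-12T10:00:01Z client=10.0.0.5 method=POST path=/api/check_user id=1004 status=200 bytes=91
2020-12-12T10:00:02Z client=10.0.0.5 method=POST path=/api/check_user id=1005 status=200 bytes=57
2020-12-12T10:00:02Z client=10.0.0.5 method=POST path=/api/check_user id=1006 status=200 bytes=57
2020-12-12T10:00:03Z client=10.0.0.5 method=POST path=/api/check_user id=1007 status=200 bytes=57
2020-12-12T10:00:03Z client=10.0.0.5 method=POST path=/api/check_user id=1008 status=200 bytes=57
2020-12-12T10:00:04Z client=10.0.0.5 method=POST path=/api/check_user id=1009 status=200 bytes=57
2020-12-12T10:00:04Z client=10.0.0.5 method=POST path=/api/check_user id=1010 status=200 bytes=57
2020-12-12T10:05:00Z client=10.0.0.9 method=POST path=/api/check_user id=2048 status=200 bytes=91
2020-12-12T10:07:30Z client=10.0.0.9 method=POST path=/api/check_user id=2048 status=200 bytes=91
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) method=(?P<method>\S+) "
    r"path=(?P<path>\S+) id=(?P<id>\d+) status=(?P<status>\d+) bytes=(?P<bytes>\d+)$"
)


def parse_log(text):
    """Parse the constructed log format into a list of event dicts; skip lines
    that do not match so a stray line cannot crash the detector."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%dT%H:%M:%SZ")
        d["id"] = int(d["id"])
        d["bytes"] = int(d["bytes"])
        events.append(d)
    return events


def detect_enumeration(events, path, window=timedelta(seconds=60),
                       min_ids=8, min_sequential=0.8):
    """Flag clients that probe at least `min_ids` distinct ids on `path` inside
    `window`, with most ids stepping by exactly one (an Intruder-style sweep).
    The finding also lists the distinct response sizes seen, because a single
    odd-sized response is the oracle that tells the attacker which id is real."""
    by_client = defaultdict(list)
    for e in events:
        if e["path"] == path:
            by_client[e["client"]].append(e)

    findings = {}
    for client, evs in by_client.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until the span fits inside `window`.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            span = evs[start:end + 1]
            ids = sorted({e["id"] for e in span})
            if len(ids) < min_ids:
                continue
            steps = [b - a for a, b in zip(ids, ids[1:])]
            seq_frac = sum(1 for s in steps if s == 1) / len(steps)
            if seq_frac < min_sequential:
                continue
            best = findings.get(client)
            if best is None or len(ids) > best["distinct_ids"]:
                findings[client] = {
                    "distinct_ids": len(ids),
                    "sequential_fraction": seq_frac,
                    "response_sizes": sorted({e["bytes"] for e in span}),
                }
    return findings


if __name__ == "__main__":
    for client, info in detect_enumeration(parse_log(SAMPLE_LOG), "/api/check_user").items():
        print(client, info)
```

The two signals the detector reports map directly onto the two weaknesses the flag name hints at: ids that are predictable enough to sweep, and responses whose length differs for a valid id. Replacing the sequential id with an unguessable token and returning an identically sized body for existing and non-existing users removes both, and rate limiting the endpoint per client blunts whatever sweep remains.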