Power Cookie [PicoCTF]
Problems:
Can you get the flag?
Solutions:
Step 1 :- Go to the website first.
Step 2 :- View the source code of this page. To see the source code, right-click on the page, then find the "View Page Source" option and click it.
Step 3 :- In the source code, first check whether there are any flags or flag hints. Then check whether there is any JavaScript file or other important file referenced in the source code. I noticed a JavaScript file in the source code: the "guest.js" file. Let's go to this file to read its script.
Step 4 :- In this script, I found a cookie. The value of this cookie is '0' and the name of this cookie is isAdmin.
Step 5 :- Then go to the website again. Inspect the page and edit the cookie.
Set the cookie name to [isAdmin] and the value to [0]. Refresh the cookie, then refresh the website. But we don't get any flag. So how can we solve it?
Wait...
Step 6 :- We can see some text on the website: "We apologize, but we have no guest services at the moment". That means the cookie value '0' is for guest service, not for admin service. We will try another value for admin service.
So we again set the cookie name to [isAdmin] and the value to [1]. Refresh the cookie, then refresh the website.
....wow....
HOLAX, WE GET THE FLAG.
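Why this works, shown from the server's side: the added Node.js example below (not the challenge's own code) puts the weak check that trusts the isAdmin cookie beside a hardened check that only accepts a role the server itself signed. The names issueSession, isAdminSigned, SERVER_KEY and the session cookie are assumptions made for this example.

```javascript
const crypto = require('node:crypto');

// Constructed key for the example; a real server loads it from a secret store.
const SERVER_KEY = crypto.randomBytes(32);

// Parse a Cookie request header ("a=1; b=2") into an object.
function parseCookies(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Weak pattern from the challenge: the role is whatever the browser sends.
function isAdminWeak(cookieHeader) {
  return parseCookies(cookieHeader).isAdmin === '1';
}

function sign(payload) {
  return crypto.createHmac('sha256', SERVER_KEY).update(payload).digest();
}

// Hardened: the server issues "role.user.mac", mac = HMAC-SHA256(key, "role.user").
function issueSession(user, role) {
  const payload = `${role}.${user}`;
  return `${payload}.${sign(payload).toString('hex')}`;
}

// Accept the role only if the MAC verifies; any client-side edit breaks it.
function isAdminSigned(cookieHeader) {
  const value = parseCookies(cookieHeader).session || '';
  const cut = value.lastIndexOf('.');
  if (cut < 0) return false;
  const payload = value.slice(0, cut);
  const given = Buffer.from(value.slice(cut + 1), 'hex');
  const expected = sign(payload);
  if (given.length !== expected.length) return false;
  if (!crypto.timingSafeEqual(given, expected)) return false;
  return payload.split('.')[0] === 'admin';
}

// Constructed sample requests.
const guest = issueSession('alice', 'guest');
console.log(isAdminWeak('isAdmin=1'));
console.log(isAdminSigned('session=' + guest.replace('guest', 'admin')));
console.log(isAdminSigned('session=' + issueSession('root', 'admin')));
```

The first call returns true because the cookie is trusted as sent, the second returns false because the edited role no longer matches its MAC, and the third returns true for a session the server issued as admin.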
Thank You Everyone