Security Summer School
Category
Web Exploitation
Difficulty
Easy
Analyzing the site I see nothing but one cookie named u with value guest.
u
guest
I tried changing it to "hacky mchack", because of the name of the chall, but nothing happened.
Then I tried fuzzing the site using dirsearch and found the path /manage.php.
/manage.php
There, we should change the cookie value to "hacky mchack" as I said above. Then check the page source and get the flag.
SSS{n0_m0r3_c00ki3s_f0r_y0u_m1st3r}
made by k0d
Last updated 8 months ago
