PicoCTF - Logon

  1. The website lands us on a login form:

  2. If we try to log in as Joe we get an error message:

  3. When we put random credentials as a test, e.g. test:test, we are able to log in:

  4. Let’s start Burp Suite and examine what’s happening behind the scenes:

  5. It seems that when we logged in with test:test, a POST request was sent to the /problem/44573/login endpoint, which included a cookie called admin set to False. Next, there was a GET request which also included the admin cookie:

  6. If we modify the latter request and then send it, we can get the flag in the response:
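The root cause is that the server takes its authorization decision from a cookie the client can edit. The sketch below is an added example, not code from the challenge or the original post: it puts that kind of check beside a hardened one that only accepts an admin claim carrying a valid server-side HMAC. The function names, the `session` cookie layout and the key are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: hypothetical server-side key; the challenge's real code is not on the page.
SECRET_KEY = b"constructed-demo-key-not-a-real-secret"


def is_admin_vulnerable(cookies):
    """Trusts the client-supplied 'admin' cookie, the behaviour seen in the proxy."""
    return cookies.get("admin") == "True"


def sign(value):
    """HMAC-SHA256 tag over the cookie payload, hex encoded."""
    return hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()


def issue_session(username, admin):
    """Cookie the server sets at login, laid out as 'username|admin|tag'."""
    if "|" in username:
        raise ValueError("separator not allowed in username")
    payload = f"{username}|{admin}"
    return {"session": f"{payload}|{sign(payload)}"}


def is_admin_hardened(cookies):
    """Accepts the admin claim only when the server's tag verifies."""
    parts = cookies.get("session", "").rsplit("|", 1)
    if len(parts) != 2:
        return False
    payload, tag = parts
    if not hmac.compare_digest(sign(payload).encode(), tag.encode()):
        return False  # payload was changed after the server issued it
    fields = payload.split("|")
    return len(fields) == 2 and fields[1] == "True"


# Constructed sample: cookie issued to the test user, then edited in transit.
issued = issue_session("test", False)
tampered = {"session": issued["session"].replace("|False|", "|True|")}

if __name__ == "__main__":
    print("vulnerable check, edited cookie:", is_admin_vulnerable({"admin": "True"}))
    print("hardened check, edited cookie:  ", is_admin_hardened(tampered))
```

Keeping the role in a server-side session store keyed by a random session ID removes the claim from the cookie altogether.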

This post is licensed under CC BY 4.0 by the author.