ctftime

My solutions for various CTF challenges


Hello unknown

Web - Points: 200

http://165.22.22.11:25633/

When visiting the website, the only thing we can do is try to log in, but we need a username and password. There is a cookie user=unknown set, so what if we simply change it to user=admin? After refreshing we are immediately logged in and a new button named ‘flag’ appears. Already done? Clicking the button shows only the flag format without any content.

Something is missing, so after logging out again and experimenting a bit with the login I noticed another cookie, logged=false, that immediately expires. Let’s try both cookies with curl 'http://165.22.22.11:25633/?page=flag' -H 'Cookie: user=admin; logged=true' and there it is, the full flag.

flag: AFFCTF{n3v3r_7ru57_u5er5_1npUt}
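The root cause, sketched server-side as an added example (this is not the challenge's code, which the page does not show): a check that trusts the user and logged cookies as sent, next to one that only accepts a value the server signed itself. The function names, the session cookie name and SECRET_KEY are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: a server-side secret, generated at startup and never sent to clients.
SECRET_KEY = secrets.token_bytes(32)


def parse_cookies(header):
    """Parse a Cookie request header into a dict."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            cookies[name] = value
    return cookies


def is_admin_vulnerable(cookie_header):
    """Assumed challenge logic: client-supplied values are the whole decision."""
    c = parse_cookies(cookie_header)
    return c.get("user") == "admin" and c.get("logged") == "true"


def _tag(user):
    return hmac.new(SECRET_KEY, user.encode(), hashlib.sha256).hexdigest()


def issue_session(user):
    """Call only after the password check succeeded; returns the cookie value."""
    return f"{user}.{_tag(user)}"


def session_user(cookie_header):
    """Return the authenticated user, or None if the cookie is missing or forged."""
    value = parse_cookies(cookie_header).get("session", "")
    user, sep, tag = value.rpartition(".")
    if not sep:
        return None
    # Compare as bytes in constant time; a forged tag never matches.
    ok = hmac.compare_digest(tag.encode(), _tag(user).encode())
    return user if ok else None


def is_admin_hardened(cookie_header):
    """Identity comes from the verified session, not from editable cookies."""
    return session_user(cookie_header) == "admin"
```

A production application would normally use its framework's session mechanism, which adds expiry and server-side invalidation on top of this integrity check.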