😴
gatari
  • πŸ‘‹root@gatari
  • πŸ”«Active Directory (Boxes)
    • Access Walkthrough
  • πŸ”΄Red Team
    • What is Windows Defender?
    • Post-Exploitation on Disk
    • Command and Control (C2)
      • Signatured by Default
      • Bring Your Own Loader
    • Creating A C2 Framework
      • Prototyping
      • Interfaces
      • Endpoints & Listeners
  • 🚩CTF Writeups
    • 🀑GCTF 2022
      • πŸͺ„ret2secret
      • 🀑login
    • 🀑LNC 2023
      • πŸ‘½Alien Portal
    • 🀑Gryphons Mini-CTF 2023
      • πŸ‘¨β€πŸ’»Web
        • πŸ₯ΆChill
        • πŸͺ Leaked Login
        • πŸͺCookie Monster
        • ✈️Traveller
        • 🀯Headers
      • ☠️Pwn
        • 🐱Netcat
        • πŸ‘¨β€πŸ’»Login
        • πŸ‘©β€πŸ’»Login 2
        • πŸ§‘β€πŸ’»Login 3
      • βͺReverse
        • πŸ”«Valorant Aimbot
        • 🀣WannaLaugh
        • πŸͺšHacksaw
        • 🀫Secret
        • ❓Command & ...POST?
        • πŸ’€Bruh
      • 🧠Sanity Check
        • πŸ‡¨πŸ‡³ζ—©δΈŠε₯½δΈ­ε›½
        • πŸͺ‘Needle in a Haystack(s)
      • πŸ“€Crypto
        • 🀦Ascee? Asskey?
  • πŸ“˜Reviews
    • 😭CRTO - Certified Red Team Operator
Powered by GitBook
On this page
  • Background Knowledge
  • Solution
  1. CTF Writeups
  2. Gryphons Mini-CTF 2023
  3. Web

Cookie Monster

112 Solves

PreviousLeaked LoginNextTraveller

Last updated 1 year ago

The cookie monster awaits you...

View Challenge

Background Knowledge

This challenge features a very real authentication bypass known as "Cookie Manipulation".

Cookies are typically used by websites to validate users, you can think of them as "proof" that you are a validated user, so that you can gain administrative rights without having to login every time.

This is how the "remember me" option works on some websites!

Think of how websites can implement cookie authentication, while ensuring that a user won't be able to edit their cookies to impersonate an authenticated user...

Hint: hashes..

Solution

Upon visiting the webpage, you are greeted with:

The website will only authenticate users with the cookie value of "alden", however my cookie value is "freshie"...

You can use any cookie manipulation tool, or even the built-in inspect element, but I'll be using the chrome extension called "Cookie Editor" as it offers more options than the built-in inspect element.

Simply editing the cookie value from "freshie" to "alden", should trick the website into thinking that I am an authenticated user.

🚩
🀑
πŸ‘¨β€πŸ’»
πŸͺ
Initial Visit
Cookie Values
yay