Recently Updated
Web Exploitation 150: Logon
Challenge
I made a website so now you can log on to! I don’t seem to have the admin password. See if you can’t get to the flag. http://2018shell1.picoctf.com:57252 (link)
Solution
It only checks password for user admin
. We can log in as any other username, then get 3 cookies:
We change admin
cookie to True
and refresh the page to get the flag
Flag
picoCTF{l0g1ns_ar3nt_r34l_2a968c11}