[Day 2] Elf HR Problems

{Web Exploitation = Cookie Manipulation}

Story

McSkidy needs to check if any other employee elves have left/been affected by Grinch Industries attack, but the systems that hold the employee information have been hacked. Can you hack them back to determine if the other teams in the Best Festival Company have been affected?

Challenge

Accessing the site reveals a login form as shown below.

Registered an account to get an idea of what's going on in the application.

After registering the site announced that I didn't have permission to register for an account as shown below.

Taking a look at the cookies created by the site, we can see 2 values.

Decoding the cookie with cyberchef reveals that hexadecimal encoding was used.

Decoding as hex, we are able to see the values in JSON format.

Now let's modify the username field to admin and re-encode it.

Now let's replace the existing cookie value with the value we just re-encoded.

After hitting refresh, the admin page appears on screen.

Last updated

Was this helpful?