
[PicoCTF 2018] - web - Logon

This is one of my writeups for PicoCTF 2018

Problem

I made a website so now you can log on to! I don't seem to have the admin password. See if you can't get to the flag. http://2018shell3.picoctf.com:6153

Hints:

(1) Hmm it doesn't seem to check anyone's password, except for admins?

(2) How does check the admin's password?

Solution

The hints indicate that the password is not checked for non-admin users, so I logged in with an arbitrary username and no password, then looked at my cookies to make sense of how the session is persisted:

| Cookie name | Cookie value |
|-------------|--------------|
| admin       | False        |
| password    | (empty)      |
| username    | iodbh        |

So the cookies are plaintext, and the server trusts whatever values the browser sends back. If we change the admin cookie's value to True and reload the page, the flag is displayed: picoCTF{l0g1ns_ar3nt_r34l_82e795f4}
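The root cause is that the role lives in a client-controlled cookie with no integrity protection. The sketch below is an added example, not the challenge's code: it puts that trusting check beside a session cookie carrying an HMAC-SHA256 tag, and the function names, cookie layout and `SERVER_KEY` are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Assumption: a secret held only by the server, generated per deployment.
SERVER_KEY = secrets.token_bytes(32)


def is_admin_trusting(cookies):
    """Pattern seen in the writeup: the role is read straight from a client cookie."""
    return cookies.get("admin") == "True"


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def issue_session(username, admin, key=SERVER_KEY):
    """Serialize the session and append an HMAC-SHA256 tag over the payload."""
    payload = json.dumps({"username": username, "admin": admin}, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def read_session(cookie, key=SERVER_KEY):
    """Return the session dict, or None if the cookie is malformed or was modified."""
    try:
        payload_b64, tag_b64 = cookie.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong field count or invalid base64
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return json.loads(payload)


def is_admin_verified(cookie):
    """Grant the admin role only when the tag verifies and admin is literally True."""
    session = read_session(cookie)
    return bool(session and session.get("admin") is True)
```

Signing only protects integrity: the payload is still readable by the client, so nothing secret belongs in it. Keeping the role in server-side session state keyed by a random session ID avoids the problem entirely.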