This is a write up on the Pico CTF practice challenge logon.
To start this challenge, I am given a URL to access with a simple log in page. The task is to login as user “Joe”.
When trying a default login of “admin” “admin” I am allowed access but with the pop up of successful login but no flag. That makes sense because I should be logging in a user Joe, lets give that a try.
Now I am greeted with a new message, Joe’s password is super secure and I won’t be getting in that way.
Next step… inspect with website with f12! Lets poke around and see if we can find anything useful. I decided to login as “admin” “admin” again and start poking around devtools.
Ok, this is something that caught my eye. I see the Set-Cookie parameter on the right set as admin=False. Is this a parameter I can change? When hovering there is small edit icon. Nope! Clicking that does nothing. It is labeled cookie and I saw when looking around under the application tab of devtools there’s a cookies sub menu. Lets navigate there now.
BAM! There’s the same parameter I saw earlier. Now lets see if we can edit it. Double clicking the value column I am able to change it to True, but no notable change on the website. Lets try to refresh.
Awesome! After the refresh I am given the flag.
Leave a Reply