PicoCTF — Cookies
Author: madStacks
Description
Who doesn’t love cookies? Try to figure out the best one. http://mercury.picoctf.net:64944/
Try 1 :
I started the BurpSuite side by side, and found something interesting
GET / HTTP/1.1
Host: mercury.picoctf.net:64944
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mercury.picoctf.net:64944/
Connection: close
Cookie: name=§2§
Upgrade-Insecure-Requests: 1
So I intruded “name” field, I thought it would be useful. But this approach didn’t work at all.
Try 2 :
Unknowingly I just changed the method of submission to “POST” from “GET”.
This what I found, but I didn’t find anything useful
HTTP/1.1 405 METHOD NOT ALLOWED
Content-Type: text/html; charset=utf-8
Allow: HEAD, GET, OPTIONS
Content-Length: 178
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 3.2 Final//EN”>
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
Try 3 :
Now I tried to intercept each every cookie by myself, and got new cookies.
Name = 0 : I love snickerdoodle cookies!
Name = 1 : I love chocolate chip cookies!
Name = 2 : I love oatmeal raisin cookies!
Name = 3 : I love gingersnap cookies!
Name = 4 : I love shortbread cookies!
Name = 5 : I love peanut butter cookies!
But I assumed, nothing will happen, so we will try a different approach
But, look what I found.
Name = 18 : picoCTF{3v3ry1_l0v3s_c00k135_cc9110ba}
