当前位置:网站首页>Cookie is used to collect the admin privileges CTF foundation problem

Cookie is used to collect the admin privileges CTF foundation problem

2022-08-02 04:01:00 SevenCold

A very basic ctf cookie question, if you don't know much about cookies, you can go here to see
https://blog.csdn.net/playboyanta123/article/details/79464684

Not much to say, go directly to the picture.
insert image description here
Source code is something useless.

According to the meaning of the question, we directly use burp to intercept and change the cookie
Insert image description here
If the permission is insufficient after the naked packet capture, we directly change the cookie.
Comparing the u and r in the cookie, it will be found that both start with 351e766803, so let's decrypt (MD5) the following things.
insert image description here
Found that u is username and r is limited.
So we have to change the latter to get admin privileges.
is to change both u and r to 351e766803+md5 (admin), which is 351e76680321232f297a57a5a743894a0e4a801fc3.
insert image description here
Done!flag it appeared!

原网站

版权声明
本文为[SevenCold]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/214/202208020322446752.html

边栏推荐

猜你喜欢

随机推荐