PicoCTF 2022 Writeups

This website contains Jackwin Hui's writeups for the 2022 PicoCTF competition.

PicoCTF2022 - Power Cookie

Description

Can you get the flag? Go to this website and see what you can discover.

Information

Point Value: 200 points

Category: Web Exploitation

Hints

  1. Do you know how to modify cookies?

Solution

Open the link. Right-click anywhere on the page and choose "View Page Source". We see immediately that the page calls a function in guest.js named continueAsGuest() when the button is pressed. After we press it, we notice a new cookie named isAdmin has been created, set to 0 by default. We change the isAdmin cookie in the browser to 1, either by editing the value directly or by changing the continueAsGuest() method to set isAdmin to 1 rather than 0 as it currently does. We then navigate to check.php again; it checks whether isAdmin is 0 or 1, and because the value is now 1 it displays the flag. Copy and paste the flag displayed on the page.
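As an added example (not code from the challenge or the original writeup), the flaw above beside a hardened design: vulnerable_is_admin mirrors a server that trusts whatever isAdmin value the browser sends, while hardened_is_admin only honours a role cookie whose HMAC, computed with a secret that never leaves the server, still verifies, so editing the value in the browser is rejected. All function names, the cookie name role and the secret are assumptions.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie


def _parse(cookie_header: str) -> SimpleCookie:
    cookie = SimpleCookie()
    cookie.load(cookie_header)
    return cookie


def vulnerable_is_admin(cookie_header: str) -> bool:
    """Toy version of the challenge's check: the client decides its own role."""
    cookie = _parse(cookie_header)
    return "isAdmin" in cookie and cookie["isAdmin"].value == "1"


# Constructed server-side secret; a real deployment loads it from config.
SECRET = b"server-side-secret-never-sent-to-the-client"


def _mac(role: str, secret: bytes) -> str:
    return hmac.new(secret, role.encode(), hashlib.sha256).hexdigest()


def issue_role_cookie(role: str, secret: bytes = SECRET) -> str:
    """Value the server sets: '<role>.<hmac>' so the role cannot be edited."""
    return f"{role}.{_mac(role, secret)}"


def hardened_is_admin(cookie_header: str, secret: bytes = SECRET) -> bool:
    """Recompute the MAC before trusting the role the cookie claims."""
    cookie = _parse(cookie_header)
    if "role" not in cookie:
        return False
    role, sep, mac = cookie["role"].value.rpartition(".")
    if not sep:
        return False  # no MAC attached; treat as unauthenticated
    expected = _mac(role, secret)
    # constant-time comparison so a forged MAC cannot be guessed byte by byte
    if not hmac.compare_digest(expected.encode(), mac.encode()):
        return False
    return role == "admin"


if __name__ == "__main__":
    print("vulnerable, isAdmin=1:", vulnerable_is_admin("isAdmin=1"))
    guest = issue_role_cookie("guest")
    forged = "admin." + guest.split(".")[1]  # guest's MAC, edited role
    print("hardened, forged role:", hardened_is_admin(f"role={forged}"))
```

Any cookie the client can meaningfully edit must be treated as untrusted input; the usual alternatives are a server-side session store or a signed (and, if needed, encrypted) token like the one sketched here.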

Flag

picoCTF{gr4d3_A_c00k13_0d351e23}