Challenge Name: Secret Blog

Mohamed Samir
Nov 10, 2024

Only Blog Admins can see the flag, could you be one of them?

This is our target.

Let’s check the page source first:

As we see, there are two input fields: the first one is Username and the second is Password.

I’ll try to use test:test as credentials to see the redirection:

Okay, as we see:

Looks like there is a specific rule, maybe a cookie or something, but I will discover it right now.

Okay guys, as I said, it’s a cookie, as we see in the image:

I use Microsoft Edge and I just downloaded the Cookie Editor extension. After I logged in, I opened the cookie editor and we got these cookies. Let’s check the values and see:

I will change the username to admin, and the admin Name, which is admin, to True.

Then I’ll refresh the page (Ctrl+R) and yes, mi amigo, we got the flaaaag!

flag{I_l0v3_Co0ki3s_M4nipul4ti0n}
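Why the cookie edit worked, and a check that would have rejected it, as an added example (not the challenge's server code, which the post does not show). The cookie names `username` and `admin` follow the description above; the `sig` cookie, the key handling and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Server-side secret, never sent to the browser (assumption: generated per process).
SECRET_KEY = secrets.token_bytes(32)

def is_admin_vulnerable(cookies: dict) -> bool:
    """The flaw: the role is read straight from client-controlled cookies."""
    return cookies.get("username") == "admin" and cookies.get("admin") == "True"

def _mac(username: str, admin: bool) -> str:
    # Length-prefix the username so field boundaries cannot be shifted.
    msg = f"{len(username)}:{username}:{int(admin)}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()

def issue_cookies(username: str, admin: bool) -> dict:
    """Set at login, after the server has verified the password and looked up the role."""
    return {"username": username, "admin": str(admin), "sig": _mac(username, admin)}

def is_admin_hardened(cookies: dict) -> bool:
    """Honour the admin flag only if the MAC over both fields verifies."""
    username = cookies.get("username", "")
    admin = cookies.get("admin") == "True"
    expected = _mac(username, admin).encode()
    supplied = cookies.get("sig", "").encode()
    if not hmac.compare_digest(expected, supplied):
        return False  # tampered or unsigned cookies: no privileges
    return admin

def demo() -> dict:
    # Constructed sample: cookies a normal user "test" would receive at login.
    issued = issue_cookies("test", admin=False)
    # The edit from the writeup: username -> admin, admin -> True.
    edited = dict(issued, username="admin", admin="True")
    return {
        "vulnerable_accepts_edit": is_admin_vulnerable(edited),
        "hardened_accepts_edit": is_admin_hardened(edited),
        "hardened_accepts_real_admin": is_admin_hardened(issue_cookies("admin", True)),
    }

if __name__ == "__main__":
    print(demo())
```

Keeping the role in a server-side session keyed by a random session ID removes the client-held flag entirely and is the more common design.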

Thanks!

See u in the next, bro
