Challenge Name:Secret Browser
The company employees is using company special browser to view the website content.
This is our target:
so, let’s see the source page to see if there anything important:
just a simple message: Welcome Guest , your are not using our company browser.
so let’s open our burpsuite to get more information about this page:
I intercepted the page request and I focused on the User-Agent line because it’s the condition that restricts us from accessing the page as users so in this case it was Mozilla fire fox and we got the message Welcome Guest , your are not using our company browser
So, Now we need to know the Company name and edit it the User-Agent line in the request then the new browser name will be PublicTradeCo
when I saw the source page I got the Company name in the title line in HTML File:
PublicTradeCo company for trading
So, I will replace Mozilla with PublicTradeCo to see is it gonna work or not :)
and yea after changing the User-Agent browser we got a different response message now which is: Welcome employee , the flag you are looking for is here somewhere
flag is in the response header:
So yea this is our Flag :
W3lcomeC0mpanyUs3R
Thanks !
