Cookie

Challenge link: https://cookiechallenge.pythonanywhere.com/

homepage

  • i fuzzed the url

  • got 2 directory

  • the /robots.txt page had a directory for us : /sup3r_s3cr3t_d1r

  • after visiting /cookie we get a jwt cookie

  • how cookie looks like

  • we need to change values marked in red

  • now update the cookie & visit /sup3r_s3cr3t_d1r

Flag :

Last updated