Cookies
Last updated
Last updated
Who doesn't love cookies? Try to figure out the best one. http://mercury.picoctf.net:6418/
Let's proxy the traffic through Burpsuite and provide snickerdoodle
as the input.
We can see that the application redirects us to /check
.
Now let's send the request that is sent to /check
to the Intruder
.
Then we can configure the payload position to be the cookie.
Next we have to craft the payloads.
The payload type is a Simple list
with numbers from 1 to 20.
Let's start the attack and sort the responses by their length in ascending order.
We can see that the response with the shortest length is the one with the cookie set to 18.
That is also same the response in which the flag is present.