# A Christmas Crisis

## Video

{% embed url="https://www.youtube.com/watch?v=BJF84oWHmok&ab_channel=JohnHammond" %}

## Rooms

[Web Fundamentals](https://tryhackme.com/room/webfundamentals)

## Challenge

### Deploy your AttackBox

{% hint style="success" %}
No answer needed
{% endhint %}

Enter the site and register a new user.

![](https://244894268-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MO2llY9Epz_XDFDa7VZ%2F-MOMMKaVsjYCUPEqcCZG%2F-MOMNuxOZxSIEVV07FYw%2Fimage.png?alt=media\&token=cae54b5e-3881-4057-887f-0fedeca74ec9)

Log in with the user you just registered.

![](https://244894268-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MO2llY9Epz_XDFDa7VZ%2F-MOMMKaVsjYCUPEqcCZG%2F-MOMOG-3a5a4e_grp8YC%2Fimage.png?alt=media\&token=e0c57b22-e5d8-406e-b937-9a4dd56737e9)

### What is the name of the cookie used for authentication?

{% hint style="success" %}
auth
{% endhint %}

### In what format is the value of this cookie encoded?

![](https://244894268-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MO2llY9Epz_XDFDa7VZ%2F-MOMMKaVsjYCUPEqcCZG%2F-MOMPMPN4V8C2muUpSXo%2Fimage.png?alt=media\&token=0ad973f8-8602-4091-81d9-376ff4b67e23)

{% hint style="success" %}
Hexadecimal
{% endhint %}

### Having decoded the cookie, what format is the data stored in?

{% hint style="success" %}
JSON
{% endhint %}

Figure out how to bypass the authentication.

### What is the value of Santa's cookie?

![](https://244894268-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MO2llY9Epz_XDFDa7VZ%2F-MOMMKaVsjYCUPEqcCZG%2F-MOMPh-AX_-KiRTmpR_U%2Fimage.png?alt=media\&token=6913dba7-7f5a-4043-aef3-2e562fbdb64b)

{% hint style="success" %}
7b22636f6d70616e79223a22546865204265737420466573746976616c20436f6d70616e79222c2022757365726e616d65223a2273616e7461227d
{% endhint %}
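As an added illustration that is not part of the room or of this writeup, the Python below decodes the auth cookie exactly as the room presents it (hex-encoded JSON with `company` and `username` fields) and then shows the check the server is missing: the same payload carried with an HMAC tag under a server-side key, so an edited `username` no longer verifies. `SERVER_KEY`, the `payload.tag` layout and the `elf` test user are assumptions of the example, not something the room provides.

```python
import binascii
import hashlib
import hmac
import json

# Santa's cookie exactly as given in the writeup above (hex-encoded JSON).
SANTA_COOKIE = (
    "7b22636f6d70616e79223a22546865204265737420466573746976616c20436f6d70616e79"
    "222c2022757365726e616d65223a2273616e7461227d"
)

# Hypothetical server-side secret; a constructed value for this demo only.
SERVER_KEY = b"constructed-demo-key-not-a-real-secret"

def decode_auth_cookie(hex_value: str) -> dict:
    """Decode the room's auth cookie: hex -> UTF-8 bytes -> JSON object."""
    return json.loads(binascii.unhexlify(hex_value).decode("utf-8"))

def encode_auth_cookie(data: dict) -> str:
    """Inverse of decode_auth_cookie, using the same separators as the site
    (comma-space between pairs, no space after the colon)."""
    raw = json.dumps(data, separators=(", ", ":")).encode("utf-8")
    return binascii.hexlify(raw).decode("ascii")

def sign_cookie(data: dict, key: bytes = SERVER_KEY) -> str:
    """Hardened form: the same hex payload followed by '.' and an HMAC-SHA256
    tag computed with a key the browser never sees."""
    payload = encode_auth_cookie(data)
    tag = hmac.new(key, payload.encode("ascii"), hashlib.sha256).hexdigest()
    return f"{payload}.{tag}"

def verify_cookie(cookie: str, key: bytes = SERVER_KEY):
    """Return the claims only if the tag matches the payload; None otherwise.
    A cookie whose username was edited, or the unsigned original, is rejected."""
    payload, sep, tag = cookie.rpartition(".")
    if not sep:
        return None  # legacy unsigned cookie: no tag at all
    expected = hmac.new(key, payload.encode("ascii"), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    return decode_auth_cookie(payload)

if __name__ == "__main__":
    print(decode_auth_cookie(SANTA_COOKIE))
    print(verify_cookie(SANTA_COOKIE))  # None: unsigned, so rejected
```

The unsigned cookie is pure client-controlled state; once the tag is required, the only way to become `santa` is to hold the key on the server.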

Now that you are logged in as the `santa` user, you can re-activate the assembly line.

![](https://244894268-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MO2llY9Epz_XDFDa7VZ%2F-MOMMKaVsjYCUPEqcCZG%2F-MOMQ7HviwRTsKLwZV6C%2Fimage.png?alt=media\&token=ee7fefbd-8c3f-45ca-a8aa-d299af19000a)

### What is the flag you're given when the line is fully active?

{% hint style="success" %}
THM{MjY0Yzg5NTJmY2Q1NzM1NjBmZWFhYmQy}
{% endhint %}
