search

A Christmas Crisis

Web Exploitation - Cookies

hashtag
Video

hashtag
Rooms

Web Fundamentalsarrow-up-right

hashtag
Challenge

hashtag
Deploy your AttackBox

circle-check

No answer needed

Enter the site and register a new user.

Login with the previous registered user.

hashtag
What is the name of the cookie used for authentication?

circle-check

auth

hashtag
In what format is the value of this cookie encoded?

circle-check

Hexadecimal

hashtag
Having decoded the cookie, what format is the data stored in?

circle-check

JSON

Figure out how to bypass the authentication.

hashtag
What is the value of Santa's cookie?

circle-check

7b22636f6d70616e79223a22546865204265737420466573746976616c20436f6d70616e79222c2022757365726e616d65223a2273616e7461227d

Now that you are the santa user, you can re-activate the assembly line!

hashtag
What is the flag you're given when the line is fully active?

circle-check

THM{MjY0Yzg5NTJmY2Q1NzM1NjBmZWFhYmQy}

PreviousAdvent of Cyber IINextThe Elf Strikes Back!

Last updated