HTTP - Cookies

Description: PS: Bob really love cookies!
Difficulty: Easy

🔎 Solution

Based on the challenge name and its description, it is reasonable to assume that this challenge is related to cookies. On the website, when clicking the "Saved email addresses" option, a message appears stating "You need to be admin".

By inspecting the request in Burp Suite, we can see that the Cookie header contains the value ch7=visiteur.

By modifying this cookie value to ch7=admin and resending the request, the server grants admin access and returns the flag.

🚩Flag

ml-SYMPA

🔎 Solution​

🚩Flag​

🔎 Solution

🚩Flag