jebidiah-anthony
write-ups and what not
CHALLENGE INFO
- CHALLENGE LINK: https://fortune.tghack.no/
- ASSUMED OBJECTIVE: Alter the site’s cookies to get the flag
1. Check cookies
- From HTTP Response Headers:
... Set-Cookie: access_token=divination:student ...
2. Change the value of access_token
- HTTP Request Headers:
... Cookie: access_token=divination:professor ... - Changing the value to divination:professor returns:
OMG! You're so fortunate! Take this flag: TG19{what_a_fortune_my_lucky_one}