As before, we can use the credentials obtained from the previous post to log in to Level 5. Upon doing so, we are presented with the following screen:
We can see that there appears to be something that is not allowing us to login. My first thought (again, proved to be correct [woo-hoo]) was that a cookie was the cause. Let's take a look at what cookies are being used by the site. I use a Chrome extension called Edit This Cookie (thanks for the catch, Murilo!) to do this:
We can immediately see a cookie called 'loggedin', which is currently 0 (for False). Let's just change this to a '1' and see what happens:
Now, let's just reload the page:
Awesome. Just as we hoped, the challenge believes we are logged in, and returns the password for natas6 to us, which we can use to log in to the next challenge. More writeups to come.
0 comments:
Post a Comment
Click to see the code!
To insert emoticon you must added at least one space before the code.