Only login in as theblacksheep. Then you get into the member area.
____________________
Username:|____________________|
Password:|____________________| Login
Solution:- If we follow the direction and input 'theblacksheep' as the username, the page will show us an error message like below.
Sorry, that name already exists. Try an other one.
- So, we should input something like 'test' to figure out what will happen after we login the page. Below is the result. There's nothing!
Hi test, what's going on?| Logout | ̄ ̄ ̄ ̄ ̄
- Since this challenge is about cookies, we should check the cookies first and we would get a cookie like below.
Name: TheBlacksheepCookie
Value: test
Domain: .www.bright-shadows.net
Path: /challenges/exploits/cookies/
... - Let's modify the value of the cookie. Open JavaScript Console in Chrome Developer Tools and enter the code below to replace 'test' with 'theblacksheep'.
javascript:document.cookie="TheBlacksheepCookie=theblacksheep";
- Press Logout button. Well done!
No comments:
Post a Comment