[Day 1] Web Exploitation A Christmas Crisis

TryHackMe: https://tryhackme.com/room/adventofcyber2

Task Overview

So the first day is a nice easy Web Exploitation task. This goes overs cookies and cookie manipulation. Not reall that much to say on this one.... watch the video and start hacking.

Useful Reasources

For this one it is useful to have Cyber Chef open in a tab. If you have not used it before Cyber Chef is a great tool that will aid you on your pentest journey......


Deploy your AttackBox (the blue "Start AttackBox" button) and the tasks machine (green button on this task) if you haven't already. Once both have deployed, open FireFox on the AttackBox and copy/paste the machines IP into the browser search bar.

Click the button :)

Register for an account, and then login..

One the machine has deployed goto the IP Address in your browser, fill out the username and password field and click Register

What is the name of the cookie used for authentication?

The easiest way to get this is to open developer tools in your browser, this is normally achieved via using F12. For instance using firefox the cookie name is in the name column.

In what format is the value of this cookie encoded?

If you copy the value of the cookie into Cyber Chef and use the magic recipe you can find the short hand name of the encoding, the answer requires the full version.

Having decoded the cookie, what format is the data stored in?

Once you have the cookie you will need to do some research on this.... hint below

Figure out how to bypass the authentication.

Once you have decoded your cookie you should be able to spot the way to exploit the system. HINT: The cookie only has 2 fields and only 1 which would change for different users

What is the value of Santa's cookie?

from the above alter the cookie for santa, once done you will need to encode this using the encoding your found above. You can do this using Cyber Chef

Now that you are the santa user, you can re-activate the assembly line! What is the flag you're given when the line is fully active?

Once you have the cookie for santa using the developer tools you can overwrite your cookie with Santa's and refresh the page. Once you are Sant you can toggle the buttons and the flag will appear at the bottom of the page.