📊 Challenge Overview

Category	Details	Additional Info
🏆 Event	PicoGym	Event Link
🔰 Category	Web	🌐
💎 Points		Out of 500 total
⭐ Difficulty	🟢 Easy	Personal Rating: 1/10
👤 Author	bobson	Profile
🎮 Solves	68.995	solve rate
📅 Date	30-01-2025	PicoGym
🦾 Solved By	mH4ck3r0n3	Team:

📝 Challenge Information

The factory is hiding things from all of its users. Can you login as Joe and find what they’ve been looking at? https://jupiter.challenges.picoctf.org/problem/44573/ (link) or http://jupiter.challenges.picoctf.org:44573

🎯 Challenge Files & Infrastructure

Provided Files

1	Files: None

🔍 Initial Analysis

First Steps

Initially, the website appears as follows:

There is a login screen where, if I tried to access without entering any credentials, it allowed me to log in (even with any credentials):

So, I decided to inspect the page using ChromeDevTools and found some suspicious cookies:

Let’s move on to the exploitation.

🎯 Solution Path

Exploitation Steps

Initial setup

Looking at the cookies, the username and password are specified, with which I logged in (in this case, empty). Another thing that immediately caught my attention was the admin cookie set to False, so I immediately thought that I needed to set that cookie’s value to True.

Exploitation

The exploit was indeed based on setting the admin cookie to True, and after refreshing the page, I obtained the flag.

Flag capture

🛠️ Exploitation Process

Approach

The exploit simply makes a GET request, setting the appropriate cookies, especially the admin=True cookie, to obtain the flag in the response, which is then extracted using a regex.

•  Exploit

🚩 Flag Capture

Flag

Proof of Execution

Screenshot of successful exploitation

🔧 Tools Used

Tool	Purpose
Python	Exploit
ChromeDevTools	Web Testing

💡 Key Learnings

Skills Improved

• Binary Exploitation
• Reverse Engineering
• Web Exploitation
• Cryptography
• Forensics
• OSINT
• Miscellaneous

📊 Final Statistics

Created: 30-01-2025 • Last Modified: 30-01-2025 *Author: mH4ck3r0n3 • Team: *