Level: Medium
Tags: picoCTF 2023, Web Exploitation
Author: GEOFFREY NJOGU
Description:
Help us test the form by submiting the username as test and password as test!
The website running here.
Hints:
1. any redirections?
Challenge link: https://play.picoctf.org/practice/challenge/349
Browse to the web site but before you login start DevTools in your browser (press F12) and navigate to the Network tab as the hint wants us to look for redirections. In the Network tab make sure you have the Preserve Log option enabled.
Then login with test:test!.
You will indeed see a number of redirections. HTTP status codes in the 3xx range are redirections.
One of the id parameters ends with two equal signs so they are both probably base64 encoded. The '=' is padding in base64.
Let's try to decode it to verify
┌──(kali㉿kali)-[/picoCTF/picoCTF_2023/Web_Explotation/findme]
└─$ echo "cGljb0NURntwcm94aWVzX2Fs" | base64 -d
picoCTF{proxies_al Combine the parameters and you have the flag.
For additional information, please see the references below.