PicoCTF: Cookies

The link leads us to a site where we can search for different types of cookies. When we search for a type of cookie we receive one of two results: either a redirect to a page about how much the author loves that cookie, or an error message that the cookie is invalid.

I walked through these steps with Burp Suite on but the intercept off. That way all of my traffic was logged and now I can go through and analyze the requests.

Looking through the requests with Repeater (Ctrl + R), we see that two different cookies are being used after we query snickerdoodle. When the cookie is set to 0 we see the page about how much they love snickerdoodle cookies. But when it is set to -1 we are redirected to the original page with an error message. I sent this request to Repeater to test this out a little bit, and it seems like the cookies might go in ascending order, so I tried 1 and it worked! Now we see the page for pinwheel cookies.

Knowing that the cookies go in order, I sent this request to Intruder so we could automate checking different numbers instead of manually guessing and checking each one. To do this you can either right-click or hit Ctrl + I.

I highlighted the cookie value and then pressed the Add button on the right. This tells Burp that this is the value we want to modify for our attack. Then I added the payload.

I pasted in a list of the numbers 1 through 30. To generate that list I used Python.

Now we start the attack. Burp Suite will substitute every item in our payload into the highlighted portion from before, then it will provide us a new window displaying the attack.

We have a general overview of the requests made and some data about them, including the size. I scrolled through them looking for any outliers and saw that 18 had a much smaller Length than the others. After looking at the response I found the flag!

Takeaways:

This challenge was a good exercise to learn about HTTP requests and how they work, especially cookies, so I’m going to define cookies here, mostly for my own learning.

Cookies are small pieces of data that websites store on a user’s device when they visit a site. They serve various purposes in the online world, such as remembering user preferences, enhancing user experience, and enabling personalized interactions. Cookies can store information like login credentials, shopping cart items, language preferences, and more. They enable websites to recognize returning users, maintain their logged-in status, and deliver tailored content. Additionally, cookies are used for tracking user behavior and generating insights for website owners to improve their services.
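The walkthrough above worked because the server trusted a plain integer that the client could edit. As an added example (not code from the challenge or the original post), here is that weak pattern next to a cookie protected with an HMAC tag, so an edited value is rejected. The page table, the function names and the `index.tag` cookie format are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data standing in for the site's cookie pages.
PAGES = {0: "snickerdoodle", 1: "pinwheel", 18: "hidden page"}

SECRET_KEY = secrets.token_bytes(32)  # server-side only, never sent to the client


def lookup_unsigned(cookie_value: str):
    """Weak pattern: any integer the client sends is trusted as-is."""
    try:
        return PAGES.get(int(cookie_value))
    except ValueError:
        return None


def _tag(index_text: str) -> str:
    """HMAC-SHA256 over the index text, hex encoded."""
    return hmac.new(SECRET_KEY, index_text.encode(), hashlib.sha256).hexdigest()


def issue_signed(index: int) -> str:
    """Return a cookie value of the form 'index.tag'."""
    return f"{index}.{_tag(str(index))}"


def lookup_signed(cookie_value: str):
    """Serve a page only if the tag matches the index the server issued."""
    index_text, sep, tag = cookie_value.partition(".")
    if not sep:
        return None  # no tag at all
    # Compare as bytes in constant time; works for any client-supplied text.
    if not hmac.compare_digest(_tag(index_text).encode(), tag.encode()):
        return None  # index was edited, or tag forged
    try:
        return PAGES.get(int(index_text))
    except ValueError:
        return None


if __name__ == "__main__":
    issued = issue_signed(0)
    tampered = "18." + issued.split(".", 1)[1]  # index edited, old tag reused
    print(lookup_unsigned("18"))    # edited value accepted
    print(lookup_signed(issued))    # original value accepted
    print(lookup_signed(tampered))  # edited value rejected
```

Signing only detects edits; a cookie the server did issue can still be replayed, so access decisions are better kept in server-side session state.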
