CyberTalents

Web Security

Challenge Name:

Blue Inc.

Challenge Description

Blue Inc is a new social media website that’s still under construction, However it doesn’t have registration yet, but if you are interested in seeing our website then you can login with demo/demo.

Link: http://35.240.62.111/blue_inc/chal1/

Solution

• Open the link and login with:

  Username: demo
  Password: demo
  

• Now open your profile from navBar, which will show you this :

  Welcome to your profile demo!
  You don't have any posts! t
  

• Use Firefox Inspect tool or Cookie Editor extention to see Page Cookies, it will contain :

  user:demo
  

• Change user to ‘admin’ then reload the page (ignore “Access denied!”)
• Open Profile agian from navBar.
• You got the Flag!!

The Flag

15716a249064f7e9684a816dcdb05282