A Step-by-Step Walkthrough Solution to CTF LEVEL 9 INFOSECINSTITUTE (Practical Web HACKING)

The level says we need to login as Mary Jane and we check cookies we get a cryptic looking string replace %3D with =, if you are using firebug cookie explorer it will do it automatically for you , decode the string as base 64 you will get the output. So now all you need to do is encode the string MARY JANE as base 64 and replace the cookie and refresh the page and you get [Read More]

Vulnhub Fartknocker CTF Write Up

This post is a solution to the CTF Challenge which can be found here. When we load the downloaded life onto Virtual Box , we find a login screen. A nmap scan shows only port 80 is open.The scan result indicates that either the whole level is web app based or there is PORT KNOCKING involved. If you are not familiar with port knocking , i can give you a analogy . [Read More]

A Step-by-Step Walkthrough Solution to CTF LEVEL 5 INFOSECINSTITUTE (Practical Web HACKING)

The Level can be accessed here. The Question says :It seems you have encountered a page which requires users to login before viewing. Do some magic without having to log in. The hint says you need to play with the headers , HTTP_REFERER On analysing the source code we see that the login button is disabled We remove the code disabled using the inspect tool in firefox and go to the login page which is available at the page login. [Read More]