The Level can be accessed here.
The question says: "It seems you have encountered a page which requires users to login before viewing. Do some magic without having to log in."
The hint says you need to play with the headers, specifically HTTP_REFERER.
On analysing the source code, we see that the login button is disabled.
We remove the disabled attribute using the Inspect tool in Firefox and go to the login page, login.html. [location: http://ctf.infosecinstitute.com/ctf2/exercises/login.html ]
Using the Firefox add-on Live HTTP Headers, we capture the details of the HTTP request made when we click on the login link.
As the final step, we change the default referrer to http://ctf.infosecinstitute.com/ctf2/exercises/login.html using the Replay button at the bottom of the dialog box.
So we make an HTTP GET request to the level 5 page with the referrer set as mentioned above:
GET /ctf2/exercises/ex5.php HTTP/1.1
Host: ctf.infosecinstitute.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ctf.infosecinstitute.com/ctf2/exercises/login.html
Cookie: _ga=GA1.2.1087367223.1443120058; PHPSESSID=kft73fn8csor9k0f0s4n5hkdv4
Connection: keep-alive
and we get the success message:
The same can be achieved using Burp Suite Free Edition as well.
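Why this level falls to a single header, shown from the server side: a Referer-gated handler next to one that checks server-issued session state. This is an added example, not the challenge's server code; the WSGI handlers, the `session` cookie name, the user `alice` and the signed-cookie scheme are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

LOGIN_PAGE = "http://ctf.infosecinstitute.com/ctf2/exercises/login.html"
SECRET = secrets.token_bytes(32)  # server-side signing key (assumption)

def call(app, environ):
    """Invoke a WSGI app with a minimal environ and return its status line."""
    seen = []
    app(environ, lambda status, headers: seen.append(status))
    return seen[0]

def weak_app(environ, start_response):
    # Weak: HTTP_REFERER is copied from a client-supplied header, so it proves nothing.
    ok = environ.get("HTTP_REFERER") == LOGIN_PAGE
    start_response("200 OK" if ok else "403 Forbidden", [])
    return [b""]

def sign(user):
    """Value the server would set as the session cookie after a real login."""
    mac = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"

def session_user(environ):
    """Return the user named in a validly signed 'session' cookie, else None."""
    cookie = SimpleCookie(environ.get("HTTP_COOKIE", ""))
    if "session" not in cookie:
        return None
    user, _, mac = cookie["session"].value.rpartition(".")
    expected = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    valid = hmac.compare_digest(mac.encode(), expected.encode())
    return user if user and valid else None

def hardened_app(environ, start_response):
    # Hardened: access depends on state the server issued, not on a request header.
    ok = session_user(environ) is not None
    start_response("200 OK" if ok else "403 Forbidden", [])
    return [b""]

# Constructed requests: one carrying only the Referer, one carrying a signed session.
forged = {"HTTP_REFERER": LOGIN_PAGE}
logged_in = {"HTTP_COOKIE": f"session={sign('alice')}"}

if __name__ == "__main__":
    for name, app in (("weak", weak_app), ("hardened", hardened_app)):
        print(name, "| referer only:", call(app, forged), "| session:", call(app, logged_in))
```

The hardened handler ignores the Referer entirely, so the request shown above would receive 403 from it; a production session would also carry an expiry and be bound to a server-side record.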