LEVEL: BEGINNER
OP: COOKIE_MONSTER
[ SESSION AUDIT ]
HTTP cookies store vital information in the user's browser. Sometimes, due to bad practices, they contain obfuscated data that should not be accessible to the client, such as admin roles or credentials.
Objective: We have detected a test user panel. Visit the target, inspect the cookies assigned by the server, and decode their content.
HTTP cookies store vital information in the user's browser. Sometimes, due to bad practices, they contain obfuscated data that should not be accessible to the client, such as admin roles or credentials.
Objective: We have detected a test user panel. Visit the target, inspect the cookies assigned by the server, and decode their content.
Target path:
[ ACCESS USER PANEL β ]Hint: Open DevTools (F12) > 'Application' Tab > Cookies
submit OP-COOKIE-MONSTER FLAG{...}