CodeFest CTF 2017 - Anonymous Recruitment Writeup

by dpstart
September 24, 2017

This is the page we see when we access the service:

Going through the page cookies, I found this:

I tried to set the flag cookie to False and send the form. As a result, the old form is replaced by the following:

After several tries, I found out that the correct username was root.

I sent the form again:

In the list of cookies, I now see this:

The value of the pass cookie is an MD5 hash of the word aunty. I type it as a password, and I find out it’s the flag:
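Added example, not part of the original writeup or the challenge's code: a sketch of why the `flag` and `pass` cookies described above give the secret away, next to an HMAC-signed cookie that detects the same tampering. The server-side logic, the initial `flag` value, the key and the function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumption: a per-server secret key; the challenge had nothing like this.
SERVER_KEY = secrets.token_bytes(32)


def weak_cookies(password: str) -> dict:
    """Assumed weak design: state and an unsalted MD5 of the password in plain cookies."""
    return {"flag": "True", "pass": hashlib.md5(password.encode()).hexdigest()}


def recover_from_md5(digest: str, wordlist) -> Optional[str]:
    """Unsalted MD5 of a common word is matched by a plain dictionary comparison."""
    for word in wordlist:
        if hashlib.md5(word.encode()).hexdigest() == digest:
            return word
    return None


def sign(value: str) -> str:
    """Hardened form: append an HMAC-SHA256 tag so client edits are detectable."""
    tag = hmac.new(SERVER_KEY, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}.{tag}"


def verify(cookie: str) -> Optional[str]:
    """Return the signed value, or None if the cookie was altered or is malformed."""
    value, _, tag = cookie.rpartition(".")
    expected = hmac.new(SERVER_KEY, value.encode(), hashlib.sha256).hexdigest()
    if hmac.compare_digest(tag.encode(), expected.encode()):
        return value
    return None


if __name__ == "__main__":
    cookies = weak_cookies("aunty")  # the word named in the writeup
    # Constructed wordlist: the hash in the cookie maps straight back to the word.
    print(recover_from_md5(cookies["pass"], ["uncle", "cousin", "aunty"]))
    signed = sign("True")
    print(verify(signed))                          # untouched cookie is accepted
    print(verify("False" + signed[len("True"):]))  # edited value is rejected
```

Signing only protects integrity; the password or any hash of it should stay on the server and never be placed in a cookie at all.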