Cookie Monster
[Web]
Cookie Monster [10]
This website is hiding the flag.
https://challenges.neverlanctf.com:1110
Recon
Curl to the site:
# curl -i https://challenges.neverlanctf.com:1110
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sat, 08 Feb 2020 16:55:13 GMT
Server: nginx
Set-Cookie: Red_Guy's_name=NameGoesHere; expires=Sat, 08-Feb-2020 17:00:13 GMT; Max-Age=300
X-Powered-By: PHP/7.2.10
Content-Length: 146
Connection: keep-alive
<!DOCTYPE html>
<html>
<head>
<title>Cookie_monster</title>
</head>
<body>
<p>He's my favorite Red guy</p></body>
</html>
I guess the Red guy will be Elmo:
# curl -i --cookie "Red_Guy's_name=Elmo" https://challenges.neverlanctf.com:1110
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sat, 08 Feb 2020 16:56:01 GMT
Server: nginx
X-Powered-By: PHP/7.2.10
Content-Length: 152
Connection: keep-alive
<!DOCTYPE html>
<html>
<head>
<title>Cookie_monster</title>
</head>
<body>
<p>You got it! flag{YummyC00k13s}</p></body>
</html>
Flag
flag{YummyC00k13s}