Unsecured Login2 [PCAP]
NeverLAN CTF 2020

Unsecured Login2

We caught someone logging into their website, but they didn't check their links when submitting data!

https://ctf.neverlanctf.com/files/92511a08d7b1cee346a07eed39729ced/mysite2.pcap?token=eyJ1c2VyX2lkIjo4NDUsInRlYW1faWQiOjQ5NCwiZmlsZV9pZCI6NH0.Xj7rKg.73XVunzXl5eD9-I-aJbtnA4uwRc

Recon

Packet 137 contains:

Hypertext Transfer Protocol
    GET /login.php?user=admin&pass=flag%7Bensure_https_is_always_used%7D HTTP/1.1\r\n
    Host: 192.168.23.46\r\n
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:72.0) Gecko/20100101 Firefox/72.0\r\n
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\n
    Accept-Language: en-US,en;q=0.5\r\n
    Accept-Encoding: gzip, deflate\r\n
    Connection: keep-alive\r\n
    Cookie: PHPSESSID=g9it34ivklcg3kvfo3vo54bvkv\r\n
    Upgrade-Insecure-Requests: 1\r\n
    \r\n
    [Full request URI: http://192.168.23.46/login.php?user=admin&pass=flag%7Bensure_https_is_always_used%7D]
    [HTTP request 7/8]
    [Prev request in frame: 115]
    [Response in frame: 138]
    [Next request in frame: 152]

../downloads/neverlan2020_mysite2.png

Flag

flag{ensure_https_is_always_used}