Google CTF 2016 // Purple Wombats (100 points)
Capture the Flag, Google CTF April 29, 2016, 0 Comment 319This challenge required us to send an encrypted cookie to the server. Luckily, the encryption key was readily available.
A hint in the page source led us to a Git repository, where the secret-key was included. We ran the code locally, set the username to ‘admin’, set the cookie on the vulnerable website, then obtained the flag.
Leave a Reply