http://login2.chal.mmactf.link/ | Web | 200 points |
---|
This challenge, at first, didn't seem vulnerable. Using the test credentials that were provided, we see that a random token is assigned to the user in a cookie named ss
.
I finally stumbled onto something interesting when I submited a request the cookie ss
present but with an empty value.
$ curl "http://login2.chal.mmactf.link/" --cookie "ss="