Saturday, November 1, 2014

Natas 5

 This time we're greeted with an immediate "Access disallowed" message. It doesn't look like there's much we can do as far as user input, so let's take a look at it with BURP.

It looks like there's a "loggedin" cookie that's set to 0. I wonder what happens if we set it to 1?

That did it!

No comments:

Post a Comment