This challenge started off with a login page. If you tried to log in as 'admin', it would say that doing so was disabled.
So, I started up Burp's proxy to see everything that was being sent.
I then attempted to log in as a user other than 'admin' and noticed that it also sent a cookie.
Then I attempted to log in as 'bdmin'.
Success!
It sent the cookie: '0ac8259ca0'
I then attempted 'cdmin' and received the cookie: '0bc8259ca0'
So, assuming there was a pattern, I figured the cookie for 'admin' was: '098259ca0'
I sent a username and then edited the cookie to '098259ca0'.
The key is: who wants oatmeal raisin anyways twumpAdby
... I prefer chocolate chip