MyMenu

Pentester Academy Web Application Challenge 11 Solution

This Challenge was one of the good challenges i have seen on this site till now.
below is the snip when i first time visited the page...
 there is cookie value over here ....when i forwarded the request the response set the cookie with field s1,s2,s3,s4,s5 to some values and when i again requested the page s1,s2,s3,s4,s5 values change to something else
what i find is that s3 value have only first two digits different than any other s3 value ...rest all digits of s3 are same.

so then i used Burp intruder with first two digits of s3 as payload 

1 comment:

  1. This comment has been removed by a blog administrator.

    ReplyDelete