This is a writeup for TryHackMe: Web Fundamentals Room. To get access to this room, you have to have a paid subscription.
Let me begin by saying I put a lot of research into this room. I have a lot of theory knowledge on the topic but putting it all together in the CTF event was pretty darn awesome. Plus I learned a lot....I mean a WHOLE LOT!
I am going to skip Task 1 through Task 4 because they are pretty simple and the material is all provided. First thing first, DEPLOY your machine and then head to your terminal. Once you made it to the terminal, proceed to Task 5: Mini CTF.
Task 5: Mini CTF
#1 What's the GET Flag?
Run this command and press enter for your flag
#2 What's the POST flag?
Run this command and press enter for your flag
#3 What's the "Get a cookie" flag?
So I used the -v (verbose) option and the command spit out all this information. You can keep it simple and use the -c - instead. The end game is getting the flag.
#4 What's the "Set a cookie" flag? (CLI Method)
This is the CLI method to setting a cookie for the flag. The special character used here is the -b 'name=value' argument. Our argument is 'flagpls=flagpls'
#4 What's the "Set a cookie" flag? (Dev Tool Method)
This one was pretty fun and definitely made me feel like a hacker lol. First we have to open up a browser and type in our machine's IP.
We should reach this view. If you have, right click in the white area and select Inspect Element.
From there go to Storage
We should see this now
Go to the right and select + symbol. This will generate a cookie but we have to make some adjustments. Double click in the Name and type “flagpls” and then do the same thing for the Value. We should look like this when complete.
Now we are going to do a GET request for the cookie we just set.This is done in the browser.
Press enter and we should see our flag.
And that's it. Hopefully this was helpful to you and if so, please share it, like it, and comment. See all the resources I used to complete this CTF below.
My Resources
cURL HTTP Scripting
How to Print Received Cookie
Add a Cookie
Comments