In this video walkthrough, we covered how website cookies work, the security threats, and security best practices. We used an example lab from TryHackMe Advent of Cyber 2 / 2020 Day 1 scenario name: A Christmas Crisis
“The Best Festival Company’s brand new OpenVPN server has been hacked. This is a crisis!
The attacker has damaged various aspects of the company infrastructure — including using the Christmas Control Centre to shut off the assembly line!
It’s only 24 days until Christmas, and that line has to be operational or there won’t be any presents! You have to hack your way back into Santa’s account (blast that hacker changing the password!) and getting the assembly line up and running again, or Christmas will be ruined!”
Answers / Day 1
Deploy your AttackBox (the blue “Start AttackBox” button) and the tasks machine (green button on this task) if you haven’t already. Once both have deployed, open FireFox on the AttackBox and copy/paste the machines IP into the browser search bar.
Register for an account, and then login.
What is the name of the cookie used for authentication?
In what format is the value of this cookie encoded?
Having decoded the cookie, what format is the data stored in?
Figure out how to bypass the authentication.
What is the value of Santa’s cookie?
Now that you are the santa user, you can re-activate the assembly line!
What is the flag you’re given when the line is fully active?