[Pragyan CTF] Supreme Leader



North Korea reportedly has a bioweapon in the making. Hack into their database and steal it.

Link :

For the second web challenge we’re given with a URL, lets open it.

Cute Kim 🙂

Now let’d dump the headers of the response using curl:

Megabeets$ curl -D -
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2017 08:47:14 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.20
Set-Cookie: KimJongUn=2541d938b0a58946090d7abdde0d3890_b8e2e0e422cae4838fb788c891afb44f; expires=Sun, 05-Mar-2017 08:47:24 GMT; Max-Age=10
Set-Cookie: KimJongUn=TooLateNukesGone; expires=Sun, 05-Mar-2017 08:47:25 GMT; Max-Age=10
Vary: Accept-Encoding
Content-Length: 1117
Content-Type: text/html


We can see an interesting cookie:  KimJongUn=2541d938b0a58946090d7abdde0d3890_b8e2e0e422cae4838fb788c891afb44f. The value of the cookie is looking like 2 MD5 hashes combined with “_”. Let’s try to crack them online using my favorite site.

That’s it! Here is the flag: pragyanctf{send_nukes}


Leave a Reply

Your email address will not be published. Required fields are marked *