Help with I know mag1k

Challenge: I know mag1k

Hi Guys! Can anybody dm me with some hint?

I think I figured out which technique should be used. Researched some tool to achieve exploitation, but the decrypted cookie is still not meaningful (or at least seems to be).

I have also problem i am encrypting the cookie but still i when i submit i get my user profile.

@Spacessd said:
I have also problem i am encrypting the cookie but still i when i submit i get my user profile.

any hint how to decode the cookie ??

read the “tool” --help more

@Spacessd said:
I have also problem i am encrypting the cookie but still i when i submit i get my user profile.

well i encrypt it , and im stuck same as you … did you have any luck !?

In order to solve this challenge, you need to be patient since it will take time and also a little trick. PM me if you want to verify your finding.

i am using the “tool” but i can’t get the Blocksize, i tried all 5 encoding options and all numbers for blocksize manually. Please help

@Gakros said:
i am using the “tool” but i can’t get the Blocksize, i tried all 5 encoding options and all numbers for blocksize manually. Please help

Yah same to me… anybody know?

Is this topic still alive, I’m stuck with encrypting the text. I have tried url encoding the text after encrypting. Tried the encrypted text on burp repeater but I’m still logged in as user. I just need a push in the right direction

I’m on this challenge too, but i’m stuck with choosing the cookie to bust, and using the tool in general

Can someone please PM me? I’m gonna lose it. I found the plaintext form, changed it to the right value and encrypted it again. But when I try to inject the manually created cookie, I still redirect to my own page, instead of admin!

dont use plaintext argument to encode, for me it never worked and dont forget quotation marks

@peek said:
dont use plaintext argument to encode, for me it never worked and dont forget quotation marks

This enlightened me.

Solved! :slight_smile:

Can someone PM me pls… I tried encrypting the code i got but no luck.

-Thanks

@peek said:
dont use plaintext argument to encode, for me it never worked and dont forget quotation marks

plaintext is for encode or encrypt? im stuck on the same point… i tried differents ways to encrypt the cookie but i’m still in “normal” profile page. Can someone help me?
Thanks :slight_smile:

who want to hint this challenge? pm me.

awesome challenge, pm if need help

Type your comment> @peek said:

dont use plaintext argument to encode, for me it never worked and dont forget quotation marks

Wow!! I can’t believe I spent so much time on this for such an issue…I learned a good bit on this one. I appreciate the tip.

Type your comment> @InfoSecTodd said:

Type your comment> @peek said:

dont use plaintext argument to encode, for me it never worked and dont forget quotation marks

Wow!! I can’t believe I spent so much time on this for such an issue…I learned a good bit on this one. I appreciate the tip.

glad that helped you