Posted on by and filed under CSAW 2013.

The challenge takes us to a page with a log in form.

Password box

We find a cookie called admin after trying some passwords. This looks like a simple boolean.


After changing this value to True and refreshing the page, this reveals to key!