Postbook CTF Walkthrough

Hacker101 ctf.

Postbook CTF Walkthrough

Flag 0

Hints:

  • The person with username “user” has a very easy password.

Click on Sign In

Input the following:

Username: user

Password: < I think you can guess it >

Once you’ve successfully logged in, you will capture your first FLAG!


Flag 1

Hints:

  • Try viewing your own post and then see if you can change ID.

To capture this flag we have to try to view another user’s post.

This can be done by clicking on one of the posts to view it. Then change the ID # on the URL path and press Enter.

Tip: Go lower

You captured another FLAG!


Flag 2

Hints:

  • You should definitely use “Inspect Element” on the form when creating a new post.

On the Home page we need to inspect the What’s on your mind? field.

Look for the user_id and change the value.

Write something to post and click on Create post.

Now, you have captured the FLAG.


Flag 3

Hints:

  • 189*5

This flag really works our critical thinking and problem solving skills.

Find the product of this multiplication.

Then insert the product inside the URL path.

You have captured the FLAG!


Flag 4

Hints:

  • You can edit your own posts. What about someone else’s?

Right now we have user access and the only post we can see that does not belong to user is the one posted by admin.

So, let’s attempt to edit an admin post.

Click on one of your post to edit it. Then on the URL path you will have to change the ID number.

Tip: Go lower.

It should take you to the admin’s post where you can edit. I suggest you add “EDITED” on the title so you can see the difference.

Click on Save post.

You’ve captured another FLAG!


Flag 5

Hints:

  • The cookie allows you to stay signed in. Can you figure out how they work so you can sign in to user with ID 1?

To capture this flag we need to look for our cookie ID.

On the Home page right-click and Inspect.

Click on the Storage tab > look for Cookies > look for ID.

Click > copy the value.

Find a MD5 decrypt and encrypt engine by doing a quick Google search.

First you must decrypt the value to see which number it is. This will show you which user you are.

Admin must have an ID # 1.

So, now encrypt the #1 and obtain its MD5 hash.

Copy the MD5 hash for #1 and paste it in the table, replacing the other cookie ID.

Refresh the page.

FLAG 5 is now captured!


Flag 6

Hints:

  • Deleting a post seems to take an ID that is not a number. Can you figure out what it is?

We have admin access now so we must delete one of the user’s post.

  1. View one of the user’s post. Notate the post ID number.

  2. Hover over the delete button for one of the admin’s post > right click > Inspect > find the delete hash ID.

  3. Go back to the MD5 encrypt engine and generate the hash for the user’s post ID number.

  4. Copy it > paste it on the delete hash ID section.

Now click the Delete button you inspected.

The FLAG should appear!

Did you find this article valuable?

Support WalkingEclipse by becoming a sponsor. Any amount is appreciated!