Susan Landau
Description
Susan Landau (born 1954) is an American mathematician, engineer, cybersecurity policy expert, and Bridge Professor in Cybersecurity and Policy at the Fletcher School of Law and Diplomacy at Tufts University. She previously worked as a Senior Staff Privacy Analyst at Google. She was a Guggenheim Fellow and a visiting scholar at the Computer Science Department, Harvard University in 2012. - Wikipedia Entry
Chal: Connect to our webserver and understand the concerns of this mathematician and privacy expert.
Challenge link
Solution
On the landing webpage, clicking on
Start Exploring
, choosing ausername
, and then choosing any path leads us to a dead end.But 2 cookies named
csrf_token
andPHPSESSID
are set.So we can crack
csrf_token
value using crackstation.net40c331964b7560a4d3baaae420d5e3cd
md5 decrypt decodes to :hack this
We get a hint that we should play around with the
csrf_token
value.Choosing
cyberheroine
as username.Replace the
csrf_token
with theMD5 hash
ofcyberheroine
.Calculating the MD5 sum of
cyberheroine
md5(cyberheroine):
09a206b401aaa7b5315e1d814ce16896
Intercept the request using
burpsuite
and modifying thecsrf_token
cookie value.
We get the
flag
.
FLAG
Last updated