Agent 513! One of your dastardly colleagues is laughing very sinisterly! Can you access his todo list and discover his nefarious plans? https://2019shell1.picoctf.com/problem/45132/ (link) or http://2019shell1.picoctf.com:45132


  1. Create an account and sign in

  2. Use EditThisCookieto get flask session cookie

  3. Create a todo of {{config}} and get the flask SECRET_KEY variable (used for encoding session cookies)

  4. Paste SECRET_KEY into secret_key variable of attached script

  5. Paste flask cookie into regular_user_cookie variable of attached script

  6. Run script to decode cookie and paste into cookie_dict variable

  7. Change "user_id": "x" to "user_id": "2"

  8. Run script again and change cookie to the new cookie

  9. Reload the page and the flag should be given

Example Output

Decoded Cookie:
{'_fresh': True, '_id': '669830bc929eb8755b468ad78734441992a8275815de8e86acaefc907af730c0f014a3c1aebb5c4f81924a9e400164894ab9f21fda058f1542b5d07c5cccc5a3', 'csrf_token': '86c56031ea9ab7555bb9e367a80f6a3bf72a1c59', 'user_id': '3'}

Encoded Cookie For User 2:



Last updated