Another day, another challenge…
What’s the challenge today? Challenge 5 of 10 from OWASP Hackademic.
Scenario below:
You need to get access to the contents of this SITE. In order to achieve this, however, you must buy the “p0wnBrowser” web browser. Since it is too expensive, you will have to “fool” the system in some way, so that it let you read the site’s contents.
Walk through below:
Going to the website we get the following:
Viewing page source we see the following:
So… the page source is not helping us as there are no gems.
Let’s look at Tamper Data.
Reloading the page and press “Tamper” we get the following:
We don’t have any POST data to change, but we do have request headers that we can change. One field looks interesting User-Agent.
The user-agent describes the type of browser that you are using. More can be learned about user-agent HERE.
If we change the user-agent to p0wnBrowser (since we are trying to trick the user to view the contents). Changing the user-agent we get the following:
Lesson learned:
In this case we did not have POST data (response) to change, but we did have GET data (request) to change. Looking at the different headers the user-agent jumps out as one to change. Once again, if you’re stuck, Google is the way to go!