This is from the WinjaCTF2021.
For this challenge, we are given the following hint:
Going to the link provided, we get this simple page:
After a bit of poking, I register an account:
When I log in with my new credentials, I am given this message:
Remembering a cipher I once saw that uses emojis, I try and decipher it using emojicipher.com.
I see it decodes to “ar3_t0kens_$$$}”, which looks a lot like the tail end of a flag!
After some more poking, I see there is a cookie set by this site.
I decode the cookie value (base64) and see it is a JSON Web Token. Knowing how they are formatted, I break up the encoded cookie value and just decode the header to get this:
{"typ":"JWT","alg":"HS256"}
{"iss":"http:\/\/ctf.winja.site","aud":"http:\/\/ctf.winja.site","role":"user","iat":1615014948,"exp":1615016748}
Seeing the “role” element with a value of “user”, I try changing the value to “admin” and then re-encoding the header and adding the preserved tail end of the original cookie value:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9jdGYud2luamEuc2l0ZSIsImF1ZCI6Imh0dHA6XC9cL2N0Zi53aW5qYS5zaXRlIiwicm9sZSI6ImFkbWluIiwiaWF0IjoxNjE1MDE0OTQ4LCJleHAiOjE2MTUwMTY3NDh9.Zsn6FXTUcHnRQ98d6PuYsJpLBuv7_FLOzx_8y8lu13c
I paste that cookie value into my browser and refresh the page to get this new message:
I just got the first half of the flag.
Combining the two I get the full flag value:
flag{justwinthis_all_i_w4nt_ar3_t0kens_$$$}
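The role swap above only works because the site accepted a payload that no longer matched its signature. As an added example (not part of the original writeup and not the challenge's code), here is an HS256 check that rejects that edit; the key and all function names are assumptions, and the claims are the ones decoded above.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # assumption: the challenge's real key is not on the page
CLAIMS = {"iss": "http://ctf.winja.site", "aud": "http://ctf.winja.site",
          "role": "user", "iat": 1615014948, "exp": 1615016748}  # as decoded in the writeup

def b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(signing_input, key):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign(claims, key):
    """Issue an HS256 token (stand-in for the site's login handler)."""
    head = b64url(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(mac(f'{head}.{body}', key))}"

def swap_role_keep_signature(token, role):
    """The writeup's edit: re-encode the payload, reuse the original signature."""
    head, body, sig = token.split(".")
    claims = json.loads(unb64url(body))
    claims["role"] = role
    return f"{head}.{b64url(json.dumps(claims).encode())}.{sig}"

def verify(token, key, now):
    """Return the claims only if alg, signature and expiry all check out."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(unb64url(head))
        given = unb64url(sig)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # pin the algorithm, never trust the header
    if not hmac.compare_digest(given, mac(f"{head}.{body}", key)):
        raise ValueError("bad signature")
    claims = json.loads(unb64url(body))  # parsed only after the MAC is verified
    if now >= claims.get("exp", 0):
        raise ValueError("expired")
    return claims

def verdict(token, key, now):
    try:
        return "ok:" + verify(token, key, now)["role"]
    except ValueError as err:
        return f"rejected:{err}"
```

With this check in place, the cookie with the edited role and the preserved signature tail comes back as `rejected:bad signature` instead of reaching the admin message.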