Tags: crypto aes aes-cbc
Rating:
TL;DR
Spotting the weakness (AES with CBC Mode).
Get token
Flipping specific bytes in session json (turn flase to true).
manipulate token with flipped bytes.
Send manipulated token to page.
Get the flag.
Here is the full explained writeup:
[HERE](https://omega-coder.me/post/angstromctf-2019-secret-sheep-society-writeup-crypto)