Tags: web allaboutresetting 

Rating:

Challenge
Who can guess my password or.. http://all-about-resetting.ctf2021.hackpack.club

First things first, we load the link for the website challenge which displayed a login form with forgot/reset password option.We are prompted by an email form after clicking on the forgot password button.

After some few try and errors,i viewed the page source and there was an email npantel@ncsu.edu. I used the email and bingo! I get a security question to reset the password.

"What is your Favorite type of governance?"..

After frantically bruteforcing with known types of governance there were no results. I decided to view what was happening during the request so to my favorite web proxy tool burpsuite. I loaded the website again and intercepted the request which was A-ok, nothing suspicious..However the response had something interesting..A JWT cookie.

*"eJyrVkpLzMyJT84rUbIy0wFyyvKLMktS0PLUovyEvOSU5WslLITszOLSKTixKTK5UQakpSE3OBsvk5lbkFmYnJ-cVKtQBeAhyg.YHsccg.WiDP0w4NiOEhNTIZWfB6HwhVlM"*

On decoding the key, on the payload section was the favorite type of governance and favorite team.

***"favoritegovernance":"kakistocracy","favoriteteam":"olympiacos"***

. The flag was as simple as answering the question of governance with "kakistrocacy" and the response was the flag.

flag{Wh4t_1s_th1s_gov3rn4nc3_!!!}