Tags: web
Rating: 3.0
Lets have a look at challenge description.
> Everything disappears magically.
Can you magically prevent that?
http://defcon.org.in:6060/index.php
There's hint hidden in description itself. "Everything disappears magically" -> may be something cookie/session related. So, I fire up firebug add-on in firefox and intercept requests and see what happens.
Boom! Have a look at response headers.
```
Connection close
Content-type text/html; charset=UTF-8
Host defcon.org.in:6060
Set-Cookie
0=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
1=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
2=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
3=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
4=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
5=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
6=%2B; expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; path=/
...
```
What's of my interest is the value being set for each id: 0=%2B, 1=%2B, 2=%2B ... so on. These are url_encoded values
I quickly wrote a [python script](http://bit.ly/2w8lthw) to parse these mappings and decode the url_encoded data.
```
$ python hack.py
++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>>+++++++++++++++++.--.--------------.+++++++++++++.----.-----------
--.++++++++++++.--------.<------------.<++.>>----.+.<+++++++++++.+++++++++++++.>+++++++++++++++++.-------------
--.++++.+++++++++++++++.<<.>>-------.<+++++++++++++++.>+++..++++.--------.+++.<+++.<++++++++++++++++++++++++++
.<++++++++++++++++++++++.>++++++++++++++..>+.----.>------.+++++++.--------.<+++.>++++++++++++..-------.++.
```
Above is nothing but, brainfuck code. Just run it through an online [brainfuck interpreter](https://copy.sh/brainfuck/). This is the output: `username: abERsdhw password: HHealskdwwpr`. Typing these credentials in the index.php form, and submitting it, redirects to `panel.php` with output: `d4rk{c00k13s_4r3_fun}c0de`. Hurray!