Description
The site sets an `isAdmin` cookie to 0 when you continue as guest. Flip it to 1 and reload /check.php to see the flag.
Setup
Click “Continue as guest” to set the cookie or create it manually in DevTools.
Open the browser’s storage view, change `isAdmin` from 0 to 1.
Refresh `/check.php`; the server now treats you as admin and prints the flag.
Solution
- Step 1: Inspect the JavaScript. The main page shows the onclick handler that creates `isAdmin=0`, so you know which cookie name to modify.
- Step 2: Toggle the cookie. Edit the cookie value (or create a new `isAdmin=1` cookie) and revisit `/check.php` to read the flag.
Flag
picoCTF{gr4d3_A_c00k13_65fd1...}
Cookie tampering is a common beginner attack; always validate privilege server side.
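
The closing advice, shown as an added example that is not the challenge's server code: a check that trusts `isAdmin` from the client, next to one that only accepts a role the server itself authenticated with an HMAC. `SERVER_KEY`, the `role` cookie and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: a secret generated and kept only on the server.
SERVER_KEY = secrets.token_bytes(32)


def parse_cookies(header: str) -> dict:
    """Parse a Cookie request header into a name -> value dict."""
    pairs = (p.strip().split("=", 1) for p in header.split(";") if "=" in p)
    return {name: value for name, value in pairs}


def is_admin_vulnerable(cookie_header: str) -> bool:
    """Flawed pattern: privilege is read straight from a client-controlled value."""
    return parse_cookies(cookie_header).get("isAdmin") == "1"


def _tag(role: str) -> str:
    """HMAC-SHA256 over the role, keyed with the server-only secret."""
    return hmac.new(SERVER_KEY, role.encode(), hashlib.sha256).hexdigest()


def issue_role_cookie(role: str) -> str:
    """Server side: issue 'role=<role>.<tag>' when the user's role is decided."""
    return f"role={role}.{_tag(role)}"


def is_admin_hardened(cookie_header: str) -> bool:
    """Accept the role only if its tag verifies; edited values fail closed."""
    value = parse_cookies(cookie_header).get("role", "")
    role, sep, tag = value.rpartition(".")
    if not sep:
        return False  # no tag present at all
    valid = hmac.compare_digest(tag.encode(), _tag(role).encode())
    return valid and role == "admin"


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    print("edited isAdmin cookie, vulnerable check:", is_admin_vulnerable("isAdmin=1"))
    guest = issue_role_cookie("guest")
    edited = "role=admin." + guest.rsplit(".", 1)[1]  # role changed, old tag reused
    print("edited role cookie, hardened check:", is_admin_hardened(edited))
```

Keeping the role in a server-side session looked up by a random session ID avoids placing the privilege in the cookie at all.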