TryHackMe: Advent of Cyber - Day 4 - Santa’s Running Behind

December 11, 2021 less than 1 minute read

This is a write up for the Day 4 - Santa’s Running Behind challenge in the Advent of Cyber room on TryHackMe. Some tasks may have been omitted as they do not require an answer.

What valid password can you use to access the “santa” account?

The entry that returned Status 302 and a different length will be the password we are looking for.

Answer: cookie

What is the flag in Santa’s itinerary?

Logging in as Santa reveals the answer.

Answer: THM{SANTA_DELIVERS}

Recap

In this task we learnt how to:

Understanding authentication and where it is used
Understanding what fuzzing is
Understanding what Burp Suite is and how we can use it for fuzzing a login form to gain access

Andrew Dickinson

What valid password can you use to access the “santa” account?

What is the flag in Santa’s itinerary?

Recap