Cookies is a Web Exploitation puzzle worth 40 points. This puzzle’s name gave a clue that enabled me to solve this in no time.
I used the EditThisCookie plugin in Chrome to edit the single cookie
name on this page. It had a value of
0 after submitting
snickerdoodle as hinted in the input box. trying different numbers gave me different names of cookies.
After several tries, the flag was displayed:
Luckily, this flag was discovered quickly. If the number was higher, this manual approach could have taken all day. If this flag didn’t turn up after many more tries, I would have scripted something or used Burp Suite to brute force the cookie.