Elf Hunt
Difficulty:
Direct link: Objective Terminal
Objective
Request
Piney Sappington needs a lesson in JSON web tokens. Hack Elf Hunt and score 75 points.
Piney Sappington
Hey there, friend! Piney Sappington here.
You look like someone who's good with puzzles and games.
I could really use your help with this Elf Hunt game I'm stuck on.
I think it has something to do with manipulating JWTs, but I'm a bit lost.
If you help me out, I might share some juicy secrets I've discovered.
Let's just say things around here haven't been exactly... normal.
So, what do ya say? Are you in?
Oh, brilliant! I just know we'll crack this game together.
I can't wait to see what we uncover, and remember, mum's the word!
Hints
JWT Secrets Revealed
Unlock the mysteries of JWTs with insights from PortSwigger's JWT Guide.
https://portswigger.net/web-security/jwt
Solution
After inspecting the web application, we found that the cookie is a JWT that can be decoded in CyberChef using JWT Decode.
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzcGVlZCI6LTUwMH0.
Decoding the same token as Base64 gave the initial information:
{"alg":"none","typ":"JWT"}>{"speed":-500}>
Decoded with the JWT decoder:
{
"speed": -500
}
We then encoded a new JWT with speed set to -100:
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzcGVlZCI6LTEwMCwiaWF0IjoxNzAzOTQxNDg2fQ.
After scoring 75 points, we won the game!
There was also the Captain's Journal, which will be helpful in the Captain's Comms challenge.
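The edited cookie works because its header declares alg none and its signature segment is empty, so nothing ties the payload to the server. As an added example (not part of the original write-up or the game's code), this Python sketch decodes the two tokens from this page and shows a verifier that pins HS256 and rejects both; DEMO_KEY and the function names are assumptions made up for illustration.

```python
import base64, hashlib, hmac, json

# Tokens copied from the write-up above (original cookie and the edited one).
ORIGINAL = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzcGVlZCI6LTUwMH0."
EDITED = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzcGVlZCI6LTEwMCwiaWF0IjoxNzAzOTQxNDg2fQ."
DEMO_KEY = b"constructed-demo-key"  # assumption: server-side secret, made up here

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_unverified(token: str):
    """Split a compact JWT into (header dict, payload dict, signature bytes)."""
    header, payload, sig = (b64url_decode(part) for part in token.split("."))
    return json.loads(header), json.loads(payload), sig

def sign_hs256(payload: dict, key: bytes) -> str:
    """Issue a token the way a server holding the key would."""
    header = b64url_encode(b'{"alg":"HS256","typ":"JWT"}')
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    mac = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(mac)}"

def verify_hs256(token: str, key: bytes) -> dict:
    """Accept only HS256 tokens whose HMAC matches; the token's own 'alg'
    is checked against an allow-list and never used to choose the check."""
    header, payload, sig = decode_unverified(token)
    if header.get("alg") != "HS256":
        raise ValueError(f"rejected: alg={header.get('alg')!r} is not allowed")
    signing_input = token.rsplit(".", 1)[0].encode()
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("rejected: signature mismatch")
    return payload

if __name__ == "__main__":
    print(decode_unverified(ORIGINAL))  # alg is none and the signature is empty
    print(verify_hs256(sign_hs256({"speed": -500}, DEMO_KEY), DEMO_KEY))
    for token in (ORIGINAL, EDITED):
        try:
            verify_hs256(token, DEMO_KEY)
        except ValueError as err:
            print(err)
```

A value such as speed that affects scoring is safer kept in server-side state; if it must travel in a cookie, a pinned algorithm and a verified signature are the minimum.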
Answer
Score 75 points in terminal game
Response
Piney Sappington
Well done! You've brilliantly won Elf Hunt! I couldn't be more thrilled. Keep up the fine work, my friend!
What have you found there? The Captain's Journal? Yeah, he comes around a lot. You can find his comms office over at Brass Buoy Port on Steampunk Island.