🧾 Info

This lab allows users to stay logged in even after they close their browser session.

⚠️ The cookie used to provide this functionality is vulnerable to brute-forcing.

🎯 Goal

To solve the lab, brute-force Carlos's cookie to gain access to his My account page.

• 👤 Your credentials: wiener:peter
• 🎯 Victim's username: carlos
• 🔗 Candidate passwords

🛠️ How We'll Solve This Lab

We need to login as carlos using a crafted stay-logged-in cookie — no need to know his password.

1️⃣ Login as Wiener

• Login normally using: wiener:peter
• ✅ Make sure to check Stay Logged In
• Capture the POST request used to log in

2️⃣ Decode the Cookie

• Copy the stay-logged-in value from the request
• Open Decoder tab in Burp