ErsSma task was one the most interesting puzzles at ZeroNights HackQuest, here is detailed solution.
We have a form with a single input:
POST /missions/ErsSma/index.php HTTP/1.0
Content-Type: multipart/form-data; boundary=--------336730954
Content-Length: 99
----------336730954
Content-Disposition: form-data; name="login"
admin
----------336730954--
->
Password is incorrect!
What do we do here? Fuzz all the things! (more…)