Planet DesKel

DesKel's official page for CTF write-up, Electronic tutorial, review and etc.

5 September 2020 write-up: old-20

2 minutes to read
Link point tag
old-20 200 Scripting

Howdy there, welcome and welcome back for another web-based CTF style challenge. As for today’s challenge, we are going to look at some simple scripting.


For your information, you have 2 seconds to complete the form with a dynamic captcha verification. So, how does the system knew it was 2 seconds? Look at the st cookie parameter that records the current timestamp. However, changing the value does not yield any good results. The only way to solve the challenge is by good-o-scripting.

import requests
from bs4 import BeautifulSoup

#Remember to change the challCookie according to your session id
challCookie = ''
cookies = {'PHPSESSID':challCookie}
url = ''

#Obtain the page information
r = requests.get(url, cookies=cookies)
response = r.text
soup = BeautifulSoup(response, 'html.parser')

#Obtain the 'st' cookie
for c in r.cookies:
        st =
        st_val = c.value

#extract the captcha
input_lst = soup.find_all('input')
captcha = str(input_lst[3])
captcha = captcha[83:93]

#submit the request
data = {'id':'1', 'cmt':'1', 'captcha':captcha}
cookies = {'PHPSESSID':challCookie, 'st':st_val}
response =, data=data, cookies=cookies)


Be sure to install the BeautifulSoup and change the challCookie value.


tags: - scripting

Thanks for reading. Follow my twitter for latest update

If you like this post, consider a small donation. Much appreciated. :)


© 2020 DesKel