The Advent of Cyber: Day 14: Certificate mismanagement - Even if we're horribly mismanaged, there'll be no sad faces on SOC-mas! (TryHackMe)

In this article, we’ll cover Certificate mismanagement - Even if we're mismanaged, there'll be no sad faces on SOC-mas! write-up as the Day 14 challenge of the Advent of Cyber event challenge. It involved using Portswagger’s Burp Suite to take advantage of the certificate mismanagement to access the admin’s password which will allow us to schedule a gift card successfully on the Gift Card site. We’re still at Wareville for SOC-mas!

1. What is the name of the CA that has signed the Gift Scheduler certificate? THM

   

2. Look inside the POST requests in the HTTP history. What is the password for the snowballelf account? c4rrotn0s3

   

   

   

3. Use the credentials for any of the elves to authenticate to the Gift Scheduler website. What is the flag shown on the elves’ scheduling page? THM{AoC-3lf0nth3Sh3lf}

   

4. What is the password for Marta May Ware’s account? H0llyJ0llySOCMAS!

   

5. Mayor Malware finally succeeded in his evil intent: with Marta May Ware’s username and password, he can finally access the administrative console for the Gift Scheduler. G-Day is cancelled!
   What is the flag shown on the admin page? THM{AoC-h0wt0ru1nG1ftD4y}

6. If you enjoyed this task, feel free to check out the Burp Suite module.

Thank you for reading this article. Please leave a comment with your thoughts, areas for improvement, other suggestions, and questions. Stay secure until the next one!