Post

Cookie Monster Secret Recipe

Cookie Monster Secret Recipe is an Easy Web Exploitation challenge from picoCTF 2025. It has almost 30,000 user solves as of writing this.

Posted Updated
By milrn
1 min read

Cookie Monster Secret Recipe is an Easy Web Exploitation challenge from picoCTF 2025. It has almost 30,000 user solves as of writing this.

Website

When I visited the website, it showed a default login page.

Login Attempt

I tried the test credentials “cookie, cookie” while inspecting network requests.

Getting the Flag

When inspecting the request sent to the server, I noticed that there was a “secret_recipe” cookie being attached. This cookie immediately looked base64 encoded, so I tried to decode it using the base64 command.

1

echo 'cGljb0NURntjMDBrMWVfbTBuc3Rlcl9sMHZlc19jMDBraWVzXzQ3MzZGNkNCfQ==' | base64 -d

This successfully printed the flag!

picoCTF, Web Exploitation, Easy
picoCTF 2025 Cookies Base64 Inspect Element Easy
This post is licensed under CC BY 4.0 by the author.