Sokudo

Level: Easy Points: 10 Type: Daily Challenge

Lab Interface

After signup, we get a token.

Provided token looks interesting.

20260312181120

which is in this form

2026 03 12 18 11 20
YYYY MM DD HH MM SS

To check if it is what I thought. I created a new account and got new token

20260312180943

Next, I tried to bruteforce last 4 digits hoping new account is created in last 60 mins. I also edit the request to /api/admin/users which requires admin token to get 200 response.

PreviousCheesy Does It NextIDOR - Insecure Direct Object Reference

Last updated 20 days ago