# Sokudo

Level: Easy\
Points: 10\
Type: Daily Challenge

Lab Interface

<figure><img src="https://559802299-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8C3FiojCIEtxH7nox2Do%2Fuploads%2FS9bgLZP5CrF7PnbS5BIJ%2Fimage.png?alt=media&#x26;token=e2bb2373-c29f-4a03-920f-485d3581d845" alt=""><figcaption></figcaption></figure>

After signup, we get a token.

<figure><img src="https://559802299-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8C3FiojCIEtxH7nox2Do%2Fuploads%2Fq1hza117Li49qKjKh7Fs%2Fimage.png?alt=media&#x26;token=c060aa64-0e9a-4397-a293-7c1347bf895a" alt=""><figcaption></figcaption></figure>

Provided token looks interesting.

```
20260312181120
```

which is in this form

```
2026 03 12 18 11 20
YYYY MM DD HH MM SS
```

To check if it is what I thought. I created a new account and got new token

```
20260312180943
```

Next, I tried to bruteforce last 4 digits hoping new account is created in last 60 mins.\
I also edit the request to /api/admin/users which requires admin token to get 200 response.

<figure><img src="https://559802299-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8C3FiojCIEtxH7nox2Do%2Fuploads%2FBX7XIBU7EKCTkKSDEgsB%2Fimage.png?alt=media&#x26;token=c99565af-dd5f-4678-8a5d-3718a0c72ba6" alt=""><figcaption></figcaption></figure>

<figure><img src="https://559802299-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8C3FiojCIEtxH7nox2Do%2Fuploads%2Fdoaxk1AmJByUPCz55f8b%2Fimage.png?alt=media&#x26;token=bad4f35e-8c44-4cfe-8633-43729574d50f" alt=""><figcaption></figcaption></figure>