Clubs and Societies Fair 2021
Date: 2021-09-30
Difficulty: Beginner
Delivered By: All
Overview
SUCSS is back for 2021-2022! With a new slate of sessions, there's a lot to look forward to as we explore the world of cyber security!
Our first challenge of the year is our "bunfight" challenge. Can you gain admin access on the website?
For those attending the Clubs and Societies Fair, we'll be located in the marquee opposite building 40. Come along, try the challenge and enjoy some free cookies! We'll also be attending the ECSS Freshers Fair, where you can try the challenge as well. If you aren't attending either, you can access the challenge using the link at the end of this page.
If you enjoy the challenge and want to learn more, be sure to grab your free membership on the SUSU website and come along to Web 101 on October 6th in 67/1037! We'll also explain the solution then.
Prerequesites
For those attending the Clubs and Societies Fair, you just need to turn up! We'll have a laptop all set up for you to use.
For those that aren't, all you need is a browser with the ability to Inspect Element (i.e. any modern browser).
Session Link
You can attempt our bunfight challenge by navigating to http://bunfight2021.sucss.org!
Please note this is not a HTTPS link, so if you recieve an SSL/TLS or 403 error, make sure to check that your browser of choice did not change the URL by accident.
The credentials to log in as a regular user are:
- Username: dave123
- Password: SecureATea1337
Brute forcing using tools such as Burp or Hydra is not allowed. You will not gain admin access this way.