Name: Session Hijacking
Description: This challenge provides the users with a wireshark capture file containing a capture of the root user while logged into the site. The users account has been disabled, however the session has lived on. The user will have to hijack the session and upon hijacking the session will have to also figure out that they must spoof their user agent to the same user agent the the developer was using, which is also in the Wireshark capture. Once they have gained access, they should realize that the developer has changed the logged in page a bit and it no longer includes a link to the file which has the key. They will then have to open up the capture and trace the TCP stream to view the contents of the page as it previously was in order to find the correct page to navigate to.
How to Stand Up locally: Install vagrant and then run vagrant up from the root of this directory. After the script finished, navigate to localhost:8080 in your browser.
How to update cookbooks: Run rm -rf cookbooks
to remove the current files and berks vendor cookbooks
to regenerate the cookbooks directory with the latest files. Note that this will require having the berks gem installed.