[Nullcon HackIM CTF Goa 2025][Web] Sess.io

Introduction Context Explanation The Sess.io challenge is an interesting Capture The Flag (CTF) problem that tests knowledge of exploiting pseudo-random number generation (PRNG) weaknesses, seed reversibility, and cryptographic manipulation. The challenge presents a minimalist web page where users can sign up by providing a username and a password. The “magic” happens in the backend, where the user-provided credentials are used to generate a session ID that is tightly coupled with the system’s flag....

February 3, 2025 · 18 min · HitCat