ACADEMY: Web Requests - a nudge would be appreciated...

hi Moe
I couldn’t get around this challenge
any ideas?

The guest cookie logs you in as “guest_xxxxxxx”…

…It would be better if it logged you in as “admin” though :wink:

so just admin
i did it before but as ‘admin_xxxxxx’
how stupid :slight_smile:
thanks man for the clarification
have a nice day

Of course, as soon as I asked the question my brain started working and I was able to figure it out! Cheers!

Spoiler Removed

Type your comment> @KonstantinS said:

Of course, as soon as I asked the question my brain started working and I was able to figure it out! Cheers!

Can you prompt please, what string is used to answer?

i have tried with burp suite to achieve admin auth
i have two questions
1- when i modify cookie it’s necessary to encode “admin”?
2- when i send from repeater with changed cookie i must be logged in with guest?
thank you in advance to anyone will help me
maurp

how you can get the admin cookie?

I have answer welcome admin but the cookie that I use is not the correct answer, so why I get welcome admin? Is there an error in the module?

Type your comment> @pit83 said:

I have answer welcome admin but the cookie that I use is not the correct answer, so why I get welcome admin? Is there an error in the module?

Support answered me only this

Could you please confirm that you have tried without the unnecessary information after the account admin_generated_information as the task is to find a way to escalate to admin from guest.

Spoiler Removed

Spoiler Removed

Spoiler Removed

Type your comment> @pit83 said:

incredible same answer different result, with me it’s say bad answer I copy this
I suppose it is need spawn new target and try again.
Again encode cookie get flag and sent answer.

Hi Guys,

Trouble understanding the tutorial and getting the flag, this is my understanding from the tutorial:

  1. login users name and password
  2. You get a session cookie associated with that users, in the tutorial its admin:password
  3. You remove the session cookie and try in, it failed as it cannot identify the client
  4. You paste in the session cookie you got above in step 2 and you are logged in

The issue is the session cookie will always be for the user you logged in with. When following the tutorial i’m using the credentials guest:guest and therefore the session cookie is for the guest user.

I’ve tried base64 decode the session cookie for the guest user and changing the name to admin and encoding it again in base64 but all this does is change the name from hello guest_xxxxx to hello admin_xxxx

So what am I not understanding here? As far as I know I need the admin cookie to login or to manipulate the guest cookie in some way to login as admin. As mentioned above the tutorial didn’t make sense as the same cookie issued to the user was just reused unless I’m missing something here?

Any help would be greatly appreciated guys

Spoiler Removed

I am having issues with . . . getting from POST to see the
cookie named PHPSESSID through the Set-Cookie header.

In the htb, Web Request module, the question under the POST Method section asks:

"Login with the credentials guest / guest and try to get to admin.

Screen shot on the #fundamental-modules on Discord at Discord

Spoiler Removed

For those who think they already have the admin but they have no right answer:
There is a difference in html outputs between the two users. Try to investigate that.

I have found the flag. It says the flag is …, I copy and paste the flag but it says incorrect. Please, help.