Broken Authentication Skills Assessment

Hey everyone!
I got stuck in this assessment and I would like to get some hints.
What I found so far:
Passwords of 3 accounts, I cracked the cookies too.
But I can't escalate to admin privileges. I tried a lot of combinations on the cookies, but the message I get is "User cannot have requested role" (I tried it on all the users I found + the global one).

any hints? Thanks a lot!

You can DM me if you are still stuck.

Hi guys!
How did you conduct phasing to get around the time limit:
“Too many login failures, please wait 30 seconds before retry.”
fuzz or some kind of script?
fuzz gives results that are not what I wanted. (

You can write a script that will delay for 30 seconds every X tries

rate_limit_check.py does not work out, or I enter the parameters into it incorrectly (
(or it is not for this at all)

Hello, any hints on cracking the cookie? It looks like it is made of MD5-based hashes. Any pointers will be appreciated.

Rather than trying to go from md5 to plaintext, try the other way around.

When you decode the cookie, it looks particularly interesting (especially the delimiter) - md5:md5.

If you try hashing what you already know, like the username, does it match any of the values from what you decoded? If so, then it's a matter of guessing the rest of the cookie and feeding it back to the app, then evaluating the app's response to see if it lets you in.
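
Added example (my own code, not the thread's or the lab's): an audit helper that flags cookie segments equal to the unsalted MD5 of a value the server already exposes, beside the HMAC-signed random token a server should issue instead. It assumes the cookie has already been decoded to text of the md5:md5 shape described above; the username and the second segment are constructed values.

```python
import hashlib
import hmac
import secrets

# Constructed sample: a decoded session cookie of the weak "md5:md5" shape,
# built from made-up values (not values from the lab).
SAMPLE_USER = "alice"
SAMPLE_DECODED_COOKIE = (
    hashlib.md5(SAMPLE_USER.encode()).hexdigest()
    + ":"
    + hashlib.md5(b"constructed-second-field").hexdigest()
)


def predictable_segments(decoded_cookie, known_values):
    """Return {segment_index: value} for every ':'-separated segment that equals
    the unsalted MD5 of a value the server already discloses (e.g. a username).
    Any hit means the session identifier is derived from guessable data rather
    than from server-side randomness, so it can be rebuilt without logging in."""
    hits = {}
    for idx, seg in enumerate(decoded_cookie.split(":")):
        for value in known_values:
            if seg == hashlib.md5(value.encode()).hexdigest():
                hits[idx] = value
    return hits


# Hardened replacement: an opaque random id plus an HMAC tag under a key that
# never leaves the server, so no part of the cookie follows from public data.
SERVER_KEY = secrets.token_bytes(32)  # generated at startup, stored server-side


def mint_session_cookie(session_id=None):
    sid = session_id if session_id is not None else secrets.token_bytes(16)
    tag = hmac.new(SERVER_KEY, sid, hashlib.sha256).hexdigest()
    return sid.hex() + ":" + tag


def verify_session_cookie(cookie):
    """Constant-time check of the tag; any malformed or tampered cookie fails."""
    try:
        sid_hex, tag = cookie.split(":", 1)
        sid = bytes.fromhex(sid_hex)
    except ValueError:
        return False
    expected = hmac.new(SERVER_KEY, sid, hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)
```

Running `predictable_segments` over the weak sample reports segment 0 as md5 of the username, while the minted cookie yields no hits and only verifies untouched.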

thanks. solved this a while back!

Dears, I am stuck. I did the following:
Enumerated the users (6, 2 from the beginning and 4 with a custom word list).
I know how to generate a cookie, but I always get a message related to the role…
What should I do next?

Best,
P

I also tried to bf these 4 accounts, using filtered rockyou.txt (29 passwords after adding all the filters)

Hi

I am also stuck with the same issue - user cannot have the requested role. Can someone please point me in the right direction?

Thanks

After enumerating the users, I tried to use a script to blast, but it was unsuccessful. How did you write your password enumeration script?

Hey could you dm me the command you used to filter rockyou.txt? I keep ending up with only 14 passwords after I apply all the 5 rules.
