Hi all,
Hope you can help me with this section. I'm not sure if the script mentioned in the lecture tries to log in, or if I should change it to change the password of HTBAdmin.
I'm not getting the question:
Login with the credentials “htbuser:htbuser” and abuse the reset password function to escalate to “htbadmin” user. What is the flag?
How did you solve this question?
Hey ajauregui0.
Since you have an account “htbuser:htbuser”, it’s always good to log in first and intercept the full functionality (before and after login) with these privileges, and then try to find a way to escalate to admin access.
Important:
The example in the section is very helpful.
You’ll see the flag once you log in as “htbadmin”.
#hint
You can add extra parameters to the request.
Hi abdussalam.alali, could you help me with this issue? The Python script doesn’t work for me.
Hey auespo_10,
Sure, but first please share your current progress.
What have you tried? And please share the code that you’re using.
Hi abdussalam.alali, I intercepted the password change request with Burp and I got the parameters to encode in my script, but I’m doing something wrong and it doesn’t return any results. I’m sharing the images.
I’ll write the hint again (it’s kind of a spoiler)
#hint
- You can add extra parameters to the request.
- Read the example in the module again.
Your request (in the interceptor and in the Python code) changes the password for “htbuser”, and that is normal access; you have to find a way to change the admin’s password (the user “htbadmin”).
DM me if you need any further help with this problem.
Happy hacking
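To show why the hint above works from the developer's side, here is an added example (not the HTB module's code and not code from anyone in this thread): a minimal password-change handler in two versions. The vulnerable version lets the request body decide which account is updated, so an extra `username` field from an ordinary logged-in user overwrites another account's password; the hardened version binds the target to the session user and rejects unexpected fields. All names (`htbuser`, `htbadmin`, the field names and function names) are constructed for this illustration.

```python
"""Added example (not from the HTB module or any post in this thread):
a password-change handler as a web app might implement it, in a vulnerable
form and a hardened form, to show how an extra request parameter can turn a
normal password change into an account takeover, and how to close it.
Usernames, field names and function names are constructed for this demo."""

import hashlib
import hmac
import os


def _hash(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; iteration count is kept low-ish for a quick demo
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_store(users: dict) -> dict:
    """Constructed user store: username -> (salt, password hash)."""
    store = {}
    for name, pw in users.items():
        salt = os.urandom(16)
        store[name] = (salt, _hash(pw, salt))
    return store


def verify(store: dict, username: str, password: str) -> bool:
    rec = store.get(username)
    if rec is None:
        return False
    salt, digest = rec
    return hmac.compare_digest(digest, _hash(password, salt))


# The only fields a password-change form should legitimately carry
ALLOWED_FIELDS = {"current_password", "new_password"}


def change_password_vulnerable(store: dict, session_user: str, form: dict) -> str:
    """Vulnerable: the account to update is read from the request body when
    present (mass-assignment style), so any authenticated user can name a
    different target. The current-password check only covers the caller."""
    target = form.get("username", session_user)  # <-- the defect
    if not verify(store, session_user, form["current_password"]):
        return "bad current password"
    salt = os.urandom(16)
    store[target] = (salt, _hash(form["new_password"], salt))
    return f"password updated for {target}"


def change_password_hardened(store: dict, session_user: str, form: dict) -> str:
    """Hardened: the target is always the session's own user, and fields the
    form is not expected to carry are rejected rather than silently honoured
    (which also makes tampering attempts visible in logs)."""
    extra = set(form) - ALLOWED_FIELDS
    if extra:
        return f"rejected: unexpected field(s) {sorted(extra)}"
    if not verify(store, session_user, form["current_password"]):
        return "bad current password"
    salt = os.urandom(16)
    store[session_user] = (salt, _hash(form["new_password"], salt))
    return f"password updated for {session_user}"


def demo():
    """Run the same tampered request against both handlers.
    Returns (vuln_msg, admin_taken_over, hardened_msg, admin_still_safe)."""
    # Constructed request: a logged-in htbuser sends the two normal fields
    # plus an extra "username" field that the form never contained.
    tampered = {"current_password": "htbuser", "new_password": "pwned",
                "username": "htbadmin"}

    store = make_store({"htbuser": "htbuser", "htbadmin": "S3cretAdminPw"})
    vuln_msg = change_password_vulnerable(store, "htbuser", dict(tampered))
    admin_taken_over = verify(store, "htbadmin", "pwned")

    store2 = make_store({"htbuser": "htbuser", "htbadmin": "S3cretAdminPw"})
    hard_msg = change_password_hardened(store2, "htbuser", dict(tampered))
    admin_still_safe = verify(store2, "htbadmin", "S3cretAdminPw")
    return vuln_msg, admin_taken_over, hard_msg, admin_still_safe


if __name__ == "__main__":
    print(demo())
```

The fix is not "filter out the username field" but "never let the request decide whose credential changes": the authenticated identity from the session is the only acceptable source for the target account, and a strict allow-list of form fields turns parameter tampering into a logged rejection instead of a silent success.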
Thanks for your help Abdussalam.alali, I could solve it. The key is to read again “Your request (in the interceptor and in the Python code) changes the password for “htbuser”, and that is normal access; you have to find a way to change the admin’s password (the user “htbadmin”)”. Thanks again