Grammar

Someone pls DM me regarding the MAC, I don’t get it. How should I modify it? I know about the juggling, but I am failing to put the pieces together. thx

I sent some kind of http request to default php page and received cookie one week ago, but strangely when I try to send this request now, I did not receive any response from server!!! Is this challenge changed?!!! or any tip?

@0zcool said:
This is my first post, I’m still stuck on getting past/find correct page that’s not 403 error…
someone stated it’s not brute forced and you need to send a special http request… I’m totally lost here. I tried dirb at index.php and a few other content discovery techniques with no luck… I watched the video too, no help there except lots of buzz words causing me confusion…

Help would be greatly appreciated. or message me. thanks,

Stuck and frustrated, can’t find anything online for bypassing 403 with headers, also not got a clue as to whether it is checking some field in the get req??

@anybodynobody said:
I sent some kind of http request to default php page and received cookie one week ago, but strangely when I try to send this request now, I did not receive any response from server!!! Is this challenge changed?!!! or any tip?

Proxy misconfiguration made this problem!

So the challenge claimed to give me some flag, but the flag it gives me doesn’t validate when submitted. Did I miss something?

Finally finished! My approach on the final syntax was off

still don’t know what to do with the MAC thing, any hint

I got through first part of the challenge and now stuck with decoding the cookie. I changed the Admin flag but can’t understand the MAC thing. Please PM me someone, really can’t figure it out!!

Am currently at that cookie part, I know there’s a flaw in PHP comparison but am not able to solve by tweaking with MAC value, can anyone help?

Any kind of hint is appreciated. You can also PM. :slight_smile:

@akashm said:
Am currently at that cookie part, I know there’s a flaw in PHP comparison but am not able to solve by tweaking with MAC value, can anyone help?

Any kind of hint is appreciated. You can also PM. :slight_smile:

Hey, can anybody give me a hint on this one as I can’t figure out that special request !!!
An article or some sort of hint or anything ??? PM me

Hello everyone. This is my first challenge here (actually ever) and I feel that I’m getting close to the solution. I get all of the “what r u doing huh ?” - “U have fucked something up!” - “all lowercase characters” and the famous “you are not an admin (yet)”. I have tried to understand the MAC hashing method but could not be successful, I can see the padding and when I use a certain amount of characters, I can get the proper grammar (without the “%3D”). I would really be happy if someone gave me a nudge about my progress. It would be highly appreciated if you PM me (this will be my first PM here also :slight_smile: ). Thanks in advance…

Hey, all

I just solved it.

just PM me, if you need any hint. :smile:

hey, can someone give a hint regarding the values that need to be changed in the decoded text

it would be awesome if someone would give me a good reference on how to make it through the first part, tried dirb, gobuster and other tools for trying to get a valid directory but no luck, also I watched the whole ‘sesame street’ video in the beginning of this thread and tried to pass those words using burp but no luck. a help would highly be appreciated. cheers!!

request a default php page and not the /

I tried in***.php and I didn’t get cookie

there is double most popular page :slight_smile:
Solved

@smm2 said:
there is double most popular page :slight_smile:
Solved

I’m sorry, I don’t quite understand what you mean. When attempting to use a default PHP page, I run into some errors. What am I doing wrong?

Never mind, solved.

I’m not so sure that my payload is correct, because I still get “What you are trying to do?” Can I ask for help?

thanks