I know Mag1k

the ipsec lazy video misses out on a lot of syntax issues that are required to solve this

@Afolic said:
Nah,u dont have to, after u ve gotten how the data is saved on the server then u should know how to encode it, check padbuster help on how to use the encoding option

I read the manual and re-encoded using the p******** parameter. I used this result to replace the initial cookie. I expected it to work but didn’t. Which is why I wrote the quoted text below.

@null said:
I sent a request with the new cookie, the page doesn’t change. Any hints please? :slight_smile:

any nudge will be appreciated here. I got the encrypted value using the tool but replaced it as the second cookie parameter but the login user does not change.

@null @securityNinja Feel free to PM me, if you need further help.