Skills Assessment - Broken Authentication

I identified 3 support and 3 admin users. (name.country_code)
I know how htb_sessid works
I found 2 suitable passwords from rockyou. Couldn’t log in with any of them.
When logging in, I always get this: “User valid_user cannot have requested role”
What am I doing wrong/What am I not noticing?

This one was brutal for me, one piece of advice I had is when you figure out a format that regional accounts are in, that format might apply to more than support accounts.

1 Like