Web Attacks - Skills Assessment

Can any one help me with web Attacks?
I find all the users and tokens and also I found the way how to reset the users password, also I reset the password for htb-student. But when I try to reset the other users passwords I get “Access Denied”.
I try to change Cookie: udi but no succes. Can any one help me with this?

1 Like

Also I try to use Burp Intruder to test the tokens, iud and no success. Some one have any idea?

I found the way to finish this.

Hey, can you give me a hint on this? I’ve been struggling with it for 2 days and still didn’t find xxe vuln :frowning:

you need to find how to reset users passwords and after that you will find XXE