thank you!
Hi kons, I didn’t get the logic for hex string in the cookie (admin_xxx). Any tip?
You must replace it by something different than guest_xxxxx. Then encode it URL. Somebody up there in the first posts said very accurately “Guests can be many, but how mnay admins?”
Does it give you a clue?
I had the same feeling, man!
Enter admin/password as user_name and password
→Go to page of “admin_xxxxxxxx”
→Not “admin” page!!
→"admin" and “admin_xxxxxxxx” are diffrent user!!
So, you need to go to “admin” page.
Cookie, acquired by enter admin/password, belongs to “admin_xxxxxxxx”.
You should get Cookie for “admin”.
Try to decode some Cookies, to find regularity!!
Good luck!!
1 Like
