Real 1

So, I have found the directory and the the AD and used the j***** i*******, but when I refresh the site, nothing happens! Please help me. :@

Looks like you are doing the right thing and so, when you refresh the page, you should be able to complete the challenge.

But you need the "right page" thumbs up

Well, I did go to t***.**p. I have been read a couple of articles and it tells me to inject there, and I did.

You are on the right page but you are probably working with the wrong injection.

Take a look at the php manual here

Never did like the j********* i******* approach, just edit the locally stored A****D with a handy browser add on.

huitzipochli what do you mean? the articles i've read speak about js injction

i've tried to do that, i was in the right page, with a js inejtion from an article i've read, refreshed the site many times, but nothing happened.

Can anybody help me?:|

Well, you're trying to use a javascript injection to change a value that resides in a locally stored cookie, it would be a lot easier, and make more sense, to just simply edit the cookie manually.

This eliminates the right/wrong page issue and any errors in the syntax of your javascript injection. Remember that some of those articles are 10 years old or more, and as such may not always contain the more logical and modern approaches that we all take for granted today.

ahm yes you are right!

I feel like this challenge was a little weird, I changed the A****D multiple times but not on the right page and it didn't work unless I was on the correct page, also, I even cracked the admins password hash and I was unable to login. It would be cool if the creators would actually add the admins account to the database.

You can change the a**** on any page and it will work, if you click the links after the edit,.

Well, I tried this many times doing it over the URL bar and it didn't work (using Chrome) but try doing it over The Console ;) –> doc*****.c****="A*****=*******", obviously on the right page