Realist

Hi,

There is a cookie and this cookie must be processed by app. Well, i played around with it and have seen that it can be used for XSS and i am able to change it inside and reform it to the one so app understands it. I got some error messages but firstly it did not make sense.
After that, i found also the hidden app in confidential directory. This can be used for anything, but no way for beginners. :)
I tried one other way too. If the app was vulnerable for any kind of splitting injections. I could also make no way there.
I am fainting because it is boring. Is there any hint i could have without spoiling the good game...

Just sitting for thanksgiving,
thx for typing good time saving,
;)

Hi,

Looking for the inside what is going on... Yeah...

sit and lay back,

really cool ;

You are on the right way.
But maybe first you should try to resolv the Insecure Code Management challenge 😉