I read and reread the code, set up a local server and still can’t see the vulnerability.
Could someone send me a tip on PM, PLS !!!
I prefer the forum because it might help future solvers too. :)
Think about what has changed.
I’ve tried all the things I thought, I thought it was to change the value of SESSION [‘uid’] but this is not possible on the client side.
I really have no ideas
Are you sure about that, you have tried everything which is possible as a user?
Keep thinking about what you can change.
Is it possible to change server variables from the client side?
haaaa, how bad is it to be dumb kkkkk
Is there any specific knowledge to solve this challenge?
You aren’t dumb at all. Everybody learns by trying his/her best.
You need to solve the challenge from the client-side, but it is usefully to download the sources and see what goes on the server-side when you try out different things as a regular user. :)
Does this challenge need to have any specific knowledge?
Yes, it requires, but if I tell you the technique, it will kill the fun part.
You should play in your downloaded environment, then search with Google based on what you have found.
Do not give up! You will complete the level! :)
Well done, good job