- ronga wrote:
- That's correct. But you may miss another factor, that is IP address.
Try to keep the cookies but change the IP address. See if you can set password now.
The cookies take precedence over the IP address because the cookie resides on the computer.
Cookies do not transfer to IP's.
I could create brutes on one computer and then go to another computer on my network with the same IP and the password option will not available. You don't even need to change IP's to test this, all you have to do is open another browser to the newly created brutes cell page and the password option will not be available.
Test:
Create a brute in Internet Explorer and verify create password link is there.
Open the brute's cellule page in Firefox and you will see there is no password option available.
Results: No create password option was available in the alternate browser.
Let's see if IP matters:
Test:
Switch IPs.
Reload the brute's cell in Internet Explorer with the new IP.
Verify the create password link is still there.
Results:
When I reloaded the brutes cellule that had the password create link under a new IP, the create password link remained.
So IP does not matter regarding the create password link only that a valid cookie is present.
So if you have a brute that doesn't offer the password option, try to create a way of manufacturing the cookie needed in order to reactivate the create password link.
Another interesting fact:
In the query string that is sent to create the brute if you change the entry for "cpl=" it will create the brute and not offer the create password option.