ROFL...some particularly funny snippets:
Nostalgiia wrote:i submit the form, which by the way the value is another encrypted subdirectory lol
Nostalgiia wrote:it was windows asking for it, not the internet
Watttttt...again. By the way, that sounds like basic http authentication.
Someone takes the basic missions a little too seriously...also, it's document.cookie, not document.write.cookie.
Nostalgiia wrote:i also tried getting medusa and hydra to run off my flash which are supposed to be able to crack admin passes from what i understand, but thats another story completely, and i'm having trouble getting them.
Anyway, your overall understanding of these things is pretty weak. You have a lot of bad logic and a lot of times you're just regurgitating code/injections where they don't make sense. For example, editing the cookies is guaranteed to have no effect seeing as how the webpage doesn't auth via a basic "access=true/false" cookie. Your SQL injection was also not SQL injection - you got lucky and caused an error which gave you a few pieces of information, but it was unrelated to your sql syntax.
As to what you can do...you could try a few default admin passwords and you could try bruteforcing the login, but success is unlikely. Just use a proxy.