This lab has user account page that contains the current user’s existing password, prefilled in a masked input.
To solve the lab, retrieve the administrator’s password, then use it to delete the user
carlos
.You can log in to your own account using the following credentials:
Lab link.wiener:peter
When we login with the given user information, we see the username in the id parameter in the URL.
If we look at the request, we see that the password is an information disclosure.
we make the username administrator and learn the admin password.
We log in to the admin account with password information. We enter the admin panel and delete the Carlos user.