There are two kinds of people in this world. One with all the privileges and the others. Can you get the flag by eating some British biscuit?
We get a website with register and login form.
After registering with username and password stack:stack I logged in and saw the welcome screen:
There were two cookies set (u and r). Their values starts from the same string (351e766803). I registered two other users and found that MD5 hashes of username and limited string are added and saved as u and r cookie respectively (those stands for, probably, user and role)
For user stack with password stack it was:
u=351e766803fac2a47adace059aff113283a03f6760 //stack r=351e766803d63c7ede8cb1e1c8db5e51c63fd47cff //limited So the solution was simply to change those two cookies into representing admin as a user and admin as a role:
u=351e76680321232f297a57a5a743894a0e4a801fc3 //admin r=351e76680321232f297a57a5a743894a0e4a801fc3 //admin where 351e766803 is shared part and 21232f297a57a5a743894a0e4a801fc3 is MD5 hash of string admin.
And it was the right solution:
Flag: flag{bb6df1e39bd297a47ed0eeaea9cac7ee}
