This lab has an admin panel at/admin, which identifies administrators using a forgeable cookie. Solve the lab by accessing the admin panel and using it to delete Carlos. You can log in to your own account using the following credentials:
On the lab's login page, enter the credentials that were provided to you.
Observe that the response sets the cookie Admin=false. Change it to Admin=true.
Admin panel shows up in Burp repeater
Under "Application" in the Chromium browser, you will discover local cookies.
