# User role controlled by request parameter

This lab has an admin panel at `/admin`, which identifies administrators using a forgeable cookie. Solve the lab by accessing the admin panel and using it to delete the user carlos. You can log in to your own account using the credentials the lab provides.

On the lab's login page, enter the credentials that were provided to you.

Observe that the login response sets the cookie `Admin=false`. The server later reads this value back to decide whether you are an administrator, so the authorization decision rests on a value the client fully controls. Change it to `Admin=true` and resend the request.

<figure><img src="https://3401258663-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAKc2IccofCPFp0RqLn1n%2Fuploads%2FZWdlRqNCFAshq8yRzevo%2F2024-01-09_19-31.png?alt=media&#x26;token=564e2685-af28-4c0b-8bd6-e441f32fc719" alt=""><figcaption></figcaption></figure>

With `Admin=true` in the request, the admin panel is returned in Burp Repeater.

<figure><img src="https://3401258663-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAKc2IccofCPFp0RqLn1n%2Fuploads%2FOOyY3MLLH7mzEEsyHxgE%2Fimage.png?alt=media&#x26;token=791e3817-b406-4320-8a53-7bab682af57e" alt=""><figcaption></figcaption></figure>

The same change can be made in the browser: in Chromium's DevTools, the "Application" tab lists the cookies stored for the site.

<figure><img src="https://3401258663-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAKc2IccofCPFp0RqLn1n%2Fuploads%2FTT0XaKKo35mqz9OEZtXM%2F2024-01-09_20-24.png?alt=media&#x26;token=7dcd0455-31fd-4b63-ab41-0caefd039767" alt=""><figcaption></figcaption></figure>

Edit the `Admin` cookie's value to `true` there; the admin panel now appears in the browser as well.

<figure><img src="https://3401258663-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAKc2IccofCPFp0RqLn1n%2Fuploads%2FmFqReKQnhBJNJrrE3mzI%2Fimage.png?alt=media&#x26;token=c0d228c8-3a26-4285-b26f-5a32f73e1872" alt=""><figcaption></figcaption></figure>
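The flaw the walkthrough exploits is easier to see in code than in screenshots. The block below is an added example, not code from the lab or from PortSwigger: it models a login that ships the role decision to the client as an `Admin` cookie, reproduces the forgery step done above in Burp and DevTools, and shows the server-side fix (deriving the role from session state and ignoring the cookie). The user names other than carlos, the session layout and the user table are constructed for the example.

```python
"""Model of the lab's access-control flaw (constructed example, not the lab's code)."""
from http.cookies import SimpleCookie
import secrets

# Constructed user table; the real backend is not visible on the page.
USERS = {
    "carlos": "user",
    "tester": "user",           # assumed low-privileged account you log in as
    "administrator": "admin",
}

# Server-side session store: session id -> username. Only the server writes it.
SESSIONS = {}


def login(username):
    """Return the Cookie header a client would hold after logging in.

    The vulnerable app also hands the client an Admin=true/false flag,
    exactly as the lab's login response does."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = username
    is_admin = "true" if USERS[username] == "admin" else "false"
    return f"session={sid}; Admin={is_admin}"


def parse_cookie_header(header):
    """Parse 'a=1; b=2' into a dict, preserving order."""
    jar = SimpleCookie()
    jar.load(header)
    return {name: morsel.value for name, morsel in jar.items()}


def vulnerable_is_admin(cookie_header):
    """The lab's bug: authorization decided by a cookie the client can rewrite."""
    return parse_cookie_header(cookie_header).get("Admin") == "true"


def fixed_is_admin(cookie_header):
    """Hardened check: role comes from the server-side session; Admin cookie is ignored."""
    sid = parse_cookie_header(cookie_header).get("session", "")
    user = SESSIONS.get(sid)
    return user is not None and USERS.get(user) == "admin"


def forge_admin(cookie_header):
    """What the walkthrough does in Repeater / DevTools: flip Admin=false to true."""
    jar = parse_cookie_header(cookie_header)
    jar["Admin"] = "true"
    return "; ".join(f"{k}={v}" for k, v in jar.items())


def admin_delete(cookie_header, target, is_admin):
    """Admin-panel action guarded by the given check. Returns the outcome string
    rather than mutating USERS so the scenario can be replayed."""
    if not is_admin(cookie_header):
        return "forbidden"
    if target not in USERS:
        return "no such user"
    return f"deleted {target}"


def demo():
    """Run the lab scenario against both checks and report each outcome."""
    honest = login("tester")            # low-privileged login, Admin=false
    forged = forge_admin(honest)        # client-side edit of the cookie
    return {
        "honest_vuln": vulnerable_is_admin(honest),
        "forged_vuln": vulnerable_is_admin(forged),
        "forged_delete_vuln": admin_delete(forged, "carlos", vulnerable_is_admin),
        "forged_fixed": fixed_is_admin(forged),
        "forged_delete_fixed": admin_delete(forged, "carlos", fixed_is_admin),
        "real_admin_fixed": fixed_is_admin(login("administrator")),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The forged cookie passes `vulnerable_is_admin` and deletes carlos, but `fixed_is_admin` rejects it because the role is looked up from the session the server issued, not from anything the client sent. Signing the cookie would also stop this particular edit, but keeping the role out of the client's hands altogether is the simpler and safer fix.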

Deleting carlos from the admin panel solves the lab.

<figure><img src="https://3401258663-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAKc2IccofCPFp0RqLn1n%2Fuploads%2FpVCvJrynkch9Hec93ZET%2Fimage.png?alt=media&#x26;token=de1542ea-d0a8-4d46-83d9-b0f7c61fb412" alt=""><figcaption></figcaption></figure>
