# tl;dr
* craft a payload with a random nonce
* use something like [hash-collider](https://github.com/fyxme/crc-32-hash-collider) to collide the nonce we gave earlier
* send that to admin and get the flag