The task is on the CD-ROM. It can be accessed at http://localhost/zadachi/5/.
The system is an authentication system based on session IDs stored in browser cookies. It is assumed that a user cannot access the source code of the system scripts and doesn't know logins and passwords to system accounts. The user cannot create an account.
The accounts are stored in the reguser table. The login of a user is stored in the login field, the password or its hash is stored in the pass field, and the access level is stored in the level field. Common users have access level one, and superusers have access level two.
The sid field stores the current session ID. In addition, the session ID is stored in the sid parameter in the browser cookies.
Goal 1. Find a vulnerability in the system.
Goal 2. Obtain the system administrator's rights using any other method.