Advanced XSS and CSRF Exploitation - Lab warmup

HI there,

I am trying to upgrade priv to admin in the lab warmup. I looked at the Request/Response in Burp and don’t see a flag that is being set in the code. Any help would be appreciated.

Regards,

Hello, please tell me how to connect to the laboratory correctly. I added the IP and domain name to /etc/hosts, but it doesn’t work. I also scanned the IP address using nmap and found many different open ports, but I’m not sure if these are the websites I need.