Now we only need the last flag, Flag 6, and we already have the hints from the flag.php file found earlier.

[screenshot: hints from flag.php]

So basically, to get Flag 6 we need to send a POST request with an Authorization header carrying the JWT, and the token must have the admin role.

The first thing to do is decode the JWT we received in the previous response, which gives us this:

[screenshot: decoded JWT]

In order to modify the JWT, we need the secret key it was signed with.

Usually we would try to crack this key, but as mentioned earlier, no brute force is needed for this challenge.
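As an added example (not code from the writeup or the challenge), here is the kind of server-side check this flag implies: verify an HS256 JWT against its signing secret and only then trust the role claim. The secret, claim names and function names are assumptions; the point it demonstrates is that editing the role in the payload without the key leaves the signature invalid, which is why the key is needed to modify the token.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed demo secret for this example only, not the challenge's real key.
SECRET = b"constructed-demo-secret"


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_hs256(claims: dict, secret: bytes) -> str:
    """Build a compact JWT: base64url(header).base64url(payload).base64url(HMAC-SHA256)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"


def verify_hs256(token: str, secret: bytes) -> Optional[dict]:
    """Return the claims only if the token is well formed, uses HS256 and has a valid signature."""
    try:
        header, body, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return None  # refuse "none" and any algorithm the server did not issue
        expected = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None  # payload or signature was altered
        return json.loads(b64url_decode(body))
    except ValueError:  # covers bad base64, bad JSON and wrong part count
        return None


def is_admin(token: str, secret: bytes) -> bool:
    """The Flag 6 style check: a verified token whose role claim is admin."""
    claims = verify_hs256(token, secret)
    return claims is not None and claims.get("role") == "admin"


def tamper_role(token: str, new_role: str) -> str:
    """Rewrite the role claim but keep the old signature, i.e. what editing without the key produces."""
    header, body, sig = token.split(".")
    claims = json.loads(b64url_decode(body))
    claims["role"] = new_role
    return f"{header}.{b64url_encode(json.dumps(claims, separators=(',', ':')).encode())}.{sig}"
```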

This is where the hint we discovered earlier becomes relevant.