2FA simple bypass

Let's log in to our account using the following credentials:
Username: wiener
Password: peter

If we click on Email client, we can view our security code.

Now, let's log in using the following credentials:
Username: carlos
Password: montoya
Once logged in, we can set the URI to the following:
https://0a54007304ac552080c7d5ba00640023.web-security-academy.net/my-account
By doing so, we reach the same logged-in account page that we saw as the wiener user, this time as carlos and without entering a security code.

We have solved the lab.
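
The flaw behind this behaviour, and the server-side check that closes it, shown as an added example that is not the lab's code or part of the original walkthrough. The session model, function names and the /verify-code path are hypothetical; the credentials are the ones shown on this page.

```python
# Added example: constructed model of a two-step login. All names are hypothetical.
import hmac
from dataclasses import dataclass
from typing import Optional

USERS = {"wiener": "peter", "carlos": "montoya"}  # credentials shown on this page

@dataclass
class Session:
    user: Optional[str] = None
    password_ok: bool = False
    mfa_ok: bool = False

def login(session, username, password):
    """Step 1: password check. Returns the path the client is sent to next."""
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, password):
        return "/login"
    session.user, session.password_ok, session.mfa_ok = username, True, False
    return "/verify-code"  # hypothetical path of the security code prompt

def verify_code(session, submitted, expected):
    """Step 2: security code check. Only this step may set mfa_ok."""
    if session.password_ok and hmac.compare_digest(submitted, expected):
        session.mfa_ok = True
        return "/my-account"
    return "/verify-code"

def my_account_weak(session):
    """Flawed guard: a session that only passed step 1 counts as logged in."""
    if session.user is None:
        return 302, "/login"
    return 200, "account page for " + session.user

def my_account_fixed(session):
    """Hardened guard: both factors must be complete before the page is served."""
    if not session.password_ok:
        return 302, "/login"
    if not session.mfa_ok:
        return 302, "/verify-code"
    return 200, "account page for " + session.user

def demo():
    """Password accepted, code never submitted, then /my-account is requested."""
    s = Session()
    login(s, "carlos", "montoya")
    return my_account_weak(s), my_account_fixed(s)
```

The fix is to track second-factor completion in the session and check it on every authenticated route, not only on the page that follows the code prompt.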
