In this challenge I used BurpSuite to intercept and modify HTTP requests

I deleted the line that mentioned an otp which bypasses MFA and got me the flag