go to target/phpmyadmin and bruteforce the login using burpsuite and get into user table