Inspect unsafe-cookie.php, which unwisely uses a cookie to store sensitive information about the server.
How can you find out the secret password?
What does this say about the safety of cookies and what kind of information should be stored in them?