This is super secure, confidential research. You are just not meant to access it. Don't even try, it's futile.
Okay, you don't believe me? have the source code too!
https://cryptixctf.com/web4/php_code.txt
On the website we have to enter an user id and password, the provided PHP code shows how the check is performed. The password needs to equal a variable whose value is not known and the user id should equal SuperUser1337 to get the flag printed out.
Since we don't know the $secretpassphrase, we need to find a way to let strcmp return 0 for equal strings. Luckily there is a PHP vulnerability that returns 0 when comparing incompatible types.
curl 'https://cryptixctf.com/web4/login.php' --data 'ID=SuperUser1337&pwd[]=a'
flag: flag{Why_Juggl3_th3_Typ5}