Use Grafana CVE to get config file and login as admin, then get flag from database