The speaker shares how they were able to exploit a web server by capturing the credentials of an admin or establishing an authenticated session between the server and an admin's machine, which allowed them to access the website administrator's team and all the code associated with the website.