Description

The Cosmic Courier service, known for its interstellar message delivery, has been experiencing unusual activity. Preliminary scans indicate a potential breach that might allow dark rangers to intercept all information on the portal. The portal also has another vulnerability that dark ranger's have introduced as backdoor. This backdoor could allow us to break into the portal and steal information regarding dark ranger's plan.

One of the dark ranger has sold the credentials to portal on black market and we have acquired those. The credentials are provided below:

  • username - AnderLua
  • password - p@k@u

 

Objective: Login into Cosmic Courier portal, exploit vulnerability to get the secret information kept in the environment variables!

Resources

  • Link to Cosmic Courier portal
SignIn to Open Link

Flags

Retrieve the flag from exploiting the vulnerability.

Flag format: FLAG1_XXXXXXXXXX

SignIn to Submit Flag

Real-World Relevance

Web application vulnerabilities pose significant real-world risks as they can lead to unauthorized data access, financial loss, and damage to the reputation of organizations, emphasizing the need for robust security measures to protect sensitive information and maintain user trust.

Weapons Recommendation

  • Burp Suite
  • Nessus
  • Zap Proxy
  • Manual Testing