Hintru EN ES ← All labs

✎

Improve lab

Improved version of Ottergram (BAC + HTTP Verb Tampering) — Bugforge

You are creating a new version of this lab. The original stays untouched. Your version will be signed by a cryptographic key generated in your browser — no email, no password. If you clear browser data without exporting your identity, you lose authorship over your contributions.

You do not have a signing identity yet in this browser.

Lab metadata

Title Summary Target type Difficulty Tags (comma-separated)

Steps

Explore the Ottergram Application

▾

Phase recon, web, foothold, privesc, etc. Title Short action-oriented title. Avoid spoiling the vuln class.

Objective What the student must achieve in this step. Context Optional: setup or prior info needed.

💡 Hint 1 — directional

Directional nudge — point at where to look without naming the technique.

🎯 Hint 2 — technique

Reveal the vulnerability class or technique without the exact payload.

🔑 Hint 3 — near solution

Near-solution: specific approach or command without the final flag.

Solution Exact command, payload, or approach. Code stays in original language. Validation criteria What a correct attempt DOES (action), not what output it produces.

Discover Admin-Only Endpoints

▾

Phase recon, web, foothold, privesc, etc. Title Short action-oriented title. Avoid spoiling the vuln class.

Objective What the student must achieve in this step. Context Optional: setup or prior info needed.

💡 Hint 1 — directional

Directional nudge — point at where to look without naming the technique.

🎯 Hint 2 — technique

Reveal the vulnerability class or technique without the exact payload.

🔑 Hint 3 — near solution

Near-solution: specific approach or command without the final flag.

Solution Exact command, payload, or approach. Code stays in original language. Validation criteria What a correct attempt DOES (action), not what output it produces.

Attempt Direct Access — Confirm BAC Surface

▾

Phase recon, web, foothold, privesc, etc. Title Short action-oriented title. Avoid spoiling the vuln class.

Objective What the student must achieve in this step. Context Optional: setup or prior info needed.

💡 Hint 1 — directional

Directional nudge — point at where to look without naming the technique.

🎯 Hint 2 — technique

Reveal the vulnerability class or technique without the exact payload.

🔑 Hint 3 — near solution

Near-solution: specific approach or command without the final flag.

Solution Exact command, payload, or approach. Code stays in original language. Validation criteria What a correct attempt DOES (action), not what output it produces.

Bypass the Access Restriction

▾

Phase recon, web, foothold, privesc, etc. Title Short action-oriented title. Avoid spoiling the vuln class.

Objective What the student must achieve in this step. Context Optional: setup or prior info needed.

💡 Hint 1 — directional

Directional nudge — point at where to look without naming the technique.

🎯 Hint 2 — technique

Reveal the vulnerability class or technique without the exact payload.

🔑 Hint 3 — near solution

Near-solution: specific approach or command without the final flag.

Solution Exact command, payload, or approach. Code stays in original language. Validation criteria What a correct attempt DOES (action), not what output it produces.

Exploit Admin Access — Perform Unauthorised Admin Action

▾

Phase recon, web, foothold, privesc, etc. Title Short action-oriented title. Avoid spoiling the vuln class.

Objective What the student must achieve in this step. Context Optional: setup or prior info needed.

💡 Hint 1 — directional

Directional nudge — point at where to look without naming the technique.

🎯 Hint 2 — technique

Reveal the vulnerability class or technique without the exact payload.

🔑 Hint 3 — near solution

Near-solution: specific approach or command without the final flag.

Solution Exact command, payload, or approach. Code stays in original language. Validation criteria What a correct attempt DOES (action), not what output it produces.