Mission Briefing
SUBMIT SECRET:
SQL Query Monitor
query.sqlHackLab Monitor
1
-- Waiting for input...
Query Result
No queries executed yet.
Terminal
hacklab@megacorp:~$
Browser
http://localhost:3000
Enter a URL path above and press Go.
STAGE COMPLETE

HACKLAB COMPLETE

Mission Accomplished

You've identified all 5 vulnerabilities in the MegaCorp portal.

01
Information Leakage
OWASP A01 — Broken Access Control
02
Broken Access Control (IDOR)
OWASP A01 — Broken Access Control
03
Cross-Site Scripting (XSS)
OWASP A03 — Injection
04
SQL Injection
OWASP A03 — Injection
05
Command Injection
OWASP A03 — Injection

These are real vulnerabilities found in production systems every day. Now you know how to spot them — and how to defend against them.