Header Hunt
Room Description

https://dashboard.webverselabs-pro.com/challenges/header-hunt
Scenario
Arc Logistics — a mid-sized regional freight carrier — just launched their public shipment tracking site. The build team rushed to hit the Q2 deadline and merged a debugging branch the night before launch. Nobody asked what got left behind.
Objective
Arc Logistics ships a shiny new tracking portal. Marketing loves it. A developer didn't quite clean up after themselves before launch.
Initial Analysis
This is a pretty simple challenge, which is why it is tagged as Basics: it is a starting point for the Junior Web Penetration Tester learning path. We have a web application that we can browse through.

Everything seems proper until you actually go through your requests and see what is being sent and received.

Finding the bug
Opening up Burp Suite and looking through the HTTP history, we can see a pesky little header holding the flag, probably left over from the development build.

You can also see the headers being sent and received in the Network tool in DevTools.
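
A defender-side counterpart to the finding above, as an added example that is not part of the original write-up or the challenge: a pre-launch check that parses a captured response and reports every header that is off an allowlist. The allowlist, the hint words and the sample response (including the `X-Debug-Note` header name and its value) are assumptions constructed for illustration.

```python
from email.parser import Parser

# Assumption: headers the production site is expected to send. Anything else
# is reported so someone has to justify it before launch.
ALLOWED = {
    "date", "server", "content-type", "content-length", "connection",
    "cache-control", "etag", "last-modified", "vary", "set-cookie",
    "strict-transport-security", "content-security-policy",
    "x-content-type-options", "x-frame-options", "referrer-policy",
}
# Assumption: name fragments that usually mean debugging output.
DEBUG_HINTS = ("debug", "dev", "internal", "trace", "build", "test", "flag")


def parse_response(raw: str):
    """Split a raw HTTP/1.1 response into (status_line, [(name, value), ...])."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    status_line, _, header_block = head.partition("\n")
    msg = Parser().parsestr(header_block, headersonly=True)
    return status_line, msg.items()


def audit_headers(raw: str):
    """Return one finding per header that is not on the allowlist."""
    _, headers = parse_response(raw)
    findings = []
    for name, value in headers:
        lname = name.lower()
        if lname in ALLOWED:
            continue
        severity = "high" if any(h in lname for h in DEBUG_HINTS) else "review"
        findings.append({"header": name, "value": value, "severity": severity})
    return findings


# Constructed sample response; the header names and values are placeholders,
# not the ones from the challenge.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "X-Request-Id: 7f3a\r\n"
    "X-Debug-Note: PLACEHOLDER_VALUE\r\n"
    "\r\n"
    "<html>...</html>"
)

if __name__ == "__main__":
    for f in audit_headers(SAMPLE):
        print(f"[{f['severity']}] {f['header']}: {f['value']}")
```

Run against responses saved from a staging build, a check like this fails the release whenever a `high` finding appears, which is the point where a leftover debugging header would be caught.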
