Information disclosure on debug page
This lab contains a debug page that discloses sensitive information about the application.
Reproduction and proof of concept
With Burp running, browse to the home page.
Go to the Target -> Site Map tab. Right-click on the top-level entry for the lab and select Engagement tools -> Find comments. The home page contains an HTML comment that contains a link called Debug. This points to /cgi-bin/phpinfo.php.
In the site map, right-click on the entry for /cgi-bin/phpinfo.php and select Send to Repeater.
In Burp Repeater, send the request to retrieve the file. It reveals debugging information, including the SECRET_KEY environment variable.
Go back to the lab, click Submit solution, and enter the SECRET_KEY to solve the lab.
An attacker will need to obtain and submit the SECRET_KEY environment variable.
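The steps above are the manual version of a check a team can run against its own deployments: look for links hidden in HTML comments, follow them, and confirm whether the target is a phpinfo()-style page that exposes environment variables. The script below is an added example written for this page and is not part of the lab, of Burp Suite, or of PortSwigger's own solution. The two HTML documents it inspects are constructed samples embedded in the code (the placeholder secret value is invented), and `fetch` is injected as a callable so the audit runs offline against canned responses; pointing it at real HTTP is left to the caller.

```python
"""Audit for debug pages leaked through HTML comments (added example, not lab code)."""
import html
import re
from html.parser import HTMLParser

# Constructed sample: a home page whose HTML comment leaks a link to a debug page.
SAMPLE_HOME_PAGE = """<!DOCTYPE html>
<html><head><title>Shop</title></head>
<body>
<!-- <a href=/cgi-bin/phpinfo.php>Debug</a> -->
<h1>Welcome</h1>
<a href="/product?productId=1">Product 1</a>
</body></html>
"""

# Constructed sample: a fragment of phpinfo()-style output with an Environment table.
# The SECRET_KEY value is an invented placeholder.
SAMPLE_PHPINFO_PAGE = """<html><body><h1>PHP Version 7.4.3</h1>
<h2>Environment</h2>
<table>
<tr><td class="e">PATH </td><td class="v">/usr/local/bin:/usr/bin </td></tr>
<tr><td class="e">SECRET_KEY </td><td class="v">constructed-placeholder-value </td></tr>
<tr><td class="e">HOME </td><td class="v">/var/www </td></tr>
</table></body></html>
"""


class _CommentCollector(HTMLParser):
    """Collects the raw text of every <!-- ... --> comment in a document."""

    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        self.comments.append(data)


_HREF_RE = re.compile(r'href\s*=\s*["\']?([^\s"\'>]+)', re.IGNORECASE)
# phpinfo() renders each setting as <td class="e">NAME</td><td class="v">VALUE</td>.
_ENV_ROW_RE = re.compile(
    r'<td class="e">\s*(.*?)\s*</td>\s*<td class="v">\s*(.*?)\s*</td>',
    re.IGNORECASE | re.DOTALL,
)
# Variable names that usually hold credentials; tune for your own naming scheme.
SENSITIVE_NAME_RE = re.compile(r"(SECRET|KEY|TOKEN|PASSWORD|PASSWD|CREDENTIAL)", re.IGNORECASE)


def find_comment_links(page):
    """Return every href that appears inside an HTML comment (Burp's 'Find comments', narrowed to links)."""
    parser = _CommentCollector()
    parser.feed(page)
    parser.close()
    links = []
    for comment in parser.comments:
        links.extend(_HREF_RE.findall(comment))
    return links


def looks_like_phpinfo(page):
    """Heuristic: phpinfo() output carries a 'PHP Version' banner and an Environment section."""
    return "PHP Version" in page and "<h2>Environment</h2>" in page


def extract_environment(page):
    """Parse the Environment table of a phpinfo() page into a {name: value} dict."""
    marker = "<h2>Environment</h2>"
    start = page.find(marker)
    if start == -1:
        return {}
    end = page.find("<h2>", start + len(marker))  # stop at the next section heading
    section = page[start:end if end != -1 else None]
    return {html.unescape(k): html.unescape(v) for k, v in _ENV_ROW_RE.findall(section)}


def find_sensitive_env(env):
    """Names of environment variables that look like secrets (values are deliberately not returned)."""
    return sorted(name for name in env if SENSITIVE_NAME_RE.search(name))


def audit(home_page, fetch):
    """For each comment-hidden link, fetch it and report whether it is a phpinfo page exposing secrets.

    fetch: callable(path) -> body or None. Injected so the audit can run against canned responses.
    """
    findings = []
    for path in find_comment_links(home_page):
        body = fetch(path)
        if body is None or not looks_like_phpinfo(body):
            findings.append({"path": path, "phpinfo": False, "sensitive_env": []})
            continue
        env = extract_environment(body)
        findings.append({"path": path, "phpinfo": True, "sensitive_env": find_sensitive_env(env)})
    return findings


def canned_fetch(path):
    """Offline stand-in for an HTTP client, serving only the constructed sample."""
    return {"/cgi-bin/phpinfo.php": SAMPLE_PHPINFO_PAGE}.get(path)


if __name__ == "__main__":
    for finding in audit(SAMPLE_HOME_PAGE, canned_fetch):
        print(finding)
```

The report names which environment variables are exposed without copying their values, so it can be filed as a finding without itself becoming a second copy of the secret. Running the same audit against a fixed build is a direct regression check that the debug page is no longer reachable.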