# Challenge hunting

This part of the book can be read from end to end as a *hacking guide*. Used in that way, you will be walked through various types of web vulnerabilities and learn how to exploit their occurrences in the **E. Corp Shop** application. Alternatively you can start hacking the **E. Corp Shop** on your own and use this part simply as a reference and *source of hints* in case you get stuck at a particular challenge.

In case you want to look up hints for a particular challenge, the following tables list all challenges of the **E. Corp Shop** grouped by their difficulty and in the same order as they appear on the Score Board. The 💡 link in each row leads to the hints for that challenge; the 🏆 link leads to its solution in the appendix.

## Trivial Challenges ( 🌟 )

| Challenge | Description | Hints | Solution |
| --- | --- | --- | --- |
| Admin Section | Access the administration section of the store. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-access-control#access-the-administration-section-of-the-store) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#access-the-administration-section-of-the-store) |
| Confidential Document | Access a confidential document. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#access-a-confidential-document) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#access-a-confidential-document) |
| Error Handling | Provoke an error that is not very gracefully handled. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/security-misconfiguration#provoke-an-error-that-is-not-very-gracefully-handled) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#provoke-an-error-that-is-not-very-gracefully-handled) |
| Redirects Tier 1 | Let us redirect you to a donation site that went out of business. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#let-us-redirect-you-to-a-donation-site-that-went-out-of-business) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#let-us-redirect-you-to-a-donation-site-that-went-out-of-business) |
| Score Board | Find the carefully hidden 'Score Board' page. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/finding-the-score-board#find-the-carefully-hidden-score-board-page) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#find-the-carefully-hidden-score-board-page) |
| XSS Tier 1 | Perform a reflected XSS attack with `<script>alert("XSS")</script>`. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/cross-site-scripting-xss#perform-a-reflected-xss-attack) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-reflected-xss-attack) |
| Zero Stars | Give a devastating zero-star feedback to the store. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/improper-input-validation#give-a-devastating-zero-star-feedback-to-the-store) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#give-a-devastating-zero-star-feedback-to-the-store) |

## Easy Challenges ( 🌟🌟 )

| Challenge | Description | Hints | Solution |
| --- | --- | --- | --- |
| Basket Access | Access someone else's basket. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-access-control#access-someone-elses-basket) | 🏆 |
| Christmas Special | Order the Christmas special offer of 2014. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/injection#order-the-christmas-special-offer-of-2014) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#order-the-christmas-special-offer-of-2014) |
| Deprecated Interface | Use a deprecated B2B interface that was not properly shut down. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#use-a-deprecated-b2b-interface-that-was-not-properly-shut-down) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#use-a-deprecated-b2b-interface-that-was-not-properly-shut-down) |
| Five-Star Feedback | Get rid of all 5-star customer feedback. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-access-control#get-rid-of-all-5-star-customer-feedback) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#get-rid-of-all-5-star-customer-feedback) |
| Login Admin | Log in with the administrator's user account. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/injection#log-in-with-the-administrators-user-account) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-the-administrators-user-account) |
| Login MC SafeSearch | Log in with MC SafeSearch's original user credentials without applying SQL Injection or any other bypass. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#log-in-with-mc-safesearchs-original-user-credentials) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-mc-safesearchs-original-user-credentials) |
| Password Strength | Log in with the administrator's user credentials without previously changing them or applying SQL Injection. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#log-in-with-the-administrators-user-credentials-without-previously-changing-them-or-applying-sql-injection) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-the-administrators-user-credentials-without-previously-changing-them-or-applying-sql-injection) |
| Weird Crypto | Inform the shop about an algorithm or library it should definitely not use the way it does. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#inform-the-shop-about-an-algorithm-or-library-it-should-definitely-not-use-the-way-it-does) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-an-algorithm-or-library-it-should-definitely-not-use-the-way-it-does) |

## Medium Challenges ( 🌟🌟🌟 )

| Challenge | Description | Hints | Solution |
| --- | --- | --- | --- |
| Blockchain Tier 1 | Learn about the Token Sale before its official announcement. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/security-through-obscurity#learn-about-the-token-sale-before-its-official-announcement) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#learn-about-the-token-sale-before-its-official-announcement) |
| Forged Feedback | Post some feedback in another user's name. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-access-control#post-some-feedback-in-another-users-name) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#post-some-feedback-in-another-users-name) |
| Forgotten Sales Backup | Access a salesman's forgotten backup file. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/security-misconfiguration#access-a-salesmans-forgotten-backup-file) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#access-a-salesmans-forgotten-backup-file) |
| Login Bender | Log in with Bender's user account. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/injection#log-in-with-benders-user-account) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-benders-user-account) |
| Login Jim | Log in with Jim's user account. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/injection#log-in-with-jims-user-account) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-jims-user-account) |
| Payback Time | Place an order that makes you rich. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/improper-input-validation#place-an-order-that-makes-you-rich) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#place-an-order-that-makes-you-rich) |
| Product Tampering | Change the `href` of the link within the O-Saft product description into <http://kimminich.de>. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-access-control#change-the-href-of-the-link-within-the-o-saft-product-description) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#change-the-href-of-the-link-within-the-o-saft-product-description) |
| Reset Jim's Password | Reset Jim's password via the Forgot Password mechanism with *the truthful answer* to his security question. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#reset-jims-password-via-the-forgot-password-mechanism) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-jims-password-via-the-forgot-password-mechanism) |
| Upload Size | Upload a file larger than 100 kB. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/improper-input-validation#upload-a-file-larger-than-100-kb) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#upload-a-file-larger-than-100-kb) |
| Upload Type | Upload a file that has no .pdf extension. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/improper-input-validation#upload-a-file-that-has-no-pdf-extension) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#upload-a-file-that-has-no-pdf-extension) |
| XSS Tier 2 | Perform a persisted XSS attack with `<script>alert("XSS")</script>` bypassing a client-side security mechanism. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/cross-site-scripting-xss#perform-a-persisted-xss-attack-bypassing-a-client-side-security-mechanism) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-persisted-xss-attack-bypassing-a-client-side-security-mechanism) |
| XSS Tier 3 | Perform a persisted XSS attack with `<script>alert("XSS")</script>` without using the frontend application at all. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/cross-site-scripting-xss#perform-a-persisted-xss-attack-without-using-the-frontend-application-at-all) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-persisted-xss-attack-without-using-the-frontend-application-at-all) |
| XXE Tier 1 | Retrieve the content of `C:\Windows\system.ini` or `/etc/passwd` from the server. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/xml-external-entities-xxe#retrieve-the-content-of-cwindowssystemini-or-etcpasswd-from-the-server) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#retrieve-the-content-of-cwindowssystemini-or-etcpasswd-from-the-server) |

## Hard Challenges ( 🌟🌟🌟🌟 )

| Challenge | Description | Hints | Solution |
| --- | --- | --- | --- |
| CSRF | Change Bender's password into *slurmCl4ssic* without using SQL Injection. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#change-benders-password-into-slurmcl4ssic-without-using-sql-injection) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#change-benders-password-into-slurmcl4ssic-without-using-sql-injection) |
| Easter Egg Tier 1 | Find the hidden easter egg. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#find-the-hidden-easter-egg) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#find-the-hidden-easter-egg) |
| Easter Egg Tier 2 | Apply some advanced cryptanalysis to find *the real* easter egg. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/security-through-obscurity#apply-some-advanced-cryptanalysis-to-find-the-real-easter-egg) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#apply-some-advanced-cryptanalysis-to-find-the-real-easter-egg) |
| Eye Candy | Travel back in time to the golden era of web design. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#travel-back-in-time-to-the-golden-era-of-web-design) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#travel-back-in-time-to-the-golden-era-of-web-design) |
| Forgotten Developer Backup | Access a developer's forgotten backup file. | [💡](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#access-a-developers-forgotten-backup-file) | [🏆](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#access-a-developers-forgotten-backup-file) |
| Login Bjoern               | Log in with Bjoern's user account without previously changing his password, applying SQL Injection, or hacking his Google account. | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#log-in-with-bjoerns-user-account)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#log-in-with-bjoerns-user-account)                                                                                         | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-bjoerns-user-account)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-bjoerns-user-account)                                                                                   |
| Misplaced Signature File   | Access a misplaced SIEM signature file.                                                                                            | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#access-a-misplaced-siem-signature-file)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#access-a-misplaced-siem-signature-file)                                                                           | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#access-a-misplaced-siem-signature-file)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#access-a-misplaced-siem-signature-file)                                                                       |
| NoSQL Injection Tier 1     | Let the server sleep for some time. (It has done more than enough hard work for you)                                               | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/injection#let-the-server-sleep-for-some-time)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/injection#let-the-server-sleep-for-some-time)                                                                                                             | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#let-the-server-sleep-for-some-time)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#let-the-server-sleep-for-some-time)                                                                               |
| NoSQL Injection Tier 2     | Update multiple product reviews at the same time.                                                                                  | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/injection#update-multiple-product-reviews-at-the-same-time)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/injection#update-multiple-product-reviews-at-the-same-time)                                                                                 | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#update-multiple-product-reviews-at-the-same-time)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#update-multiple-product-reviews-at-the-same-time)                                                   |
| Redirects Tier 2           | Wherever you go, there you are.                                                                                                    | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#wherever-you-go-there-you-are)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#wherever-you-go-there-you-are)                                                                                             | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#wherever-you-go-there-you-are)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#wherever-you-go-there-you-are)                                                                                         |
| Reset Bender's Password    | Reset Bender's password via the Forgot Password mechanism with *the truthful answer* to his security question.                     | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#reset-benders-password-via-the-forgot-password-mechanism)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#reset-benders-password-via-the-forgot-password-mechanism)                                         | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-benders-password-via-the-forgot-password-mechanism)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-benders-password-via-the-forgot-password-mechanism)                                   |
| Typosquatting Tier 1       | Inform the shop about a *typosquatting* trick it has become victim of. (Mention the exact name of the culprit)                     | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#inform-the-shop-about-a-typosquatting-trick-it-has-become-victim-of)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#inform-the-shop-about-a-typosquatting-trick-it-has-become-victim-of)                   | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-a-typosquatting-trick-it-has-become-victim-of)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-a-typosquatting-trick-it-has-become-victim-of)             |
| User Credentials           | Retrieve a list of all user credentials via SQL Injection.                                                         | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/injection#retrieve-a-list-of-all-user-credentials-via-sql-injection)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/injection#retrieve-a-list-of-all-user-credentials-via-sql-injection)                                                               | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#retrieve-a-list-of-all-user-credentials-via-sql-injection)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#retrieve-a-list-of-all-user-credentials-via-sql-injection)                                 |
| Vulnerable Library         | Inform the shop about a vulnerable library it is using. (Mention the exact library name and version in your comment)               | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#inform-the-shop-about-a-vulnerable-library-it-is-using)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#inform-the-shop-about-a-vulnerable-library-it-is-using)                                             | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-a-vulnerable-library-it-is-using)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-a-vulnerable-library-it-is-using)                                       |
| XSS Tier 4                 | Perform a persisted XSS attack with `<script>alert("XSS")</script>` bypassing a server-side security mechanism.                    | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/cross-site-scripting-xss#perform-a-persisted-xss-attack-bypassing-a-server-side-security-mechanism)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/cross-site-scripting-xss#perform-a-persisted-xss-attack-bypassing-a-server-side-security-mechanism) | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-persisted-xss-attack-bypassing-a-server-side-security-mechanism)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-persisted-xss-attack-bypassing-a-server-side-security-mechanism) |

## Dreadful Challenges (  🌟🌟🌟🌟🌟  )

| Challenge               | Description                                                                                                           | Hints                                                                                                                                                                                                                                                                                                                                                | Solution                                                                                                                                                                                                                                                                                                                                                                                                                         |
| ----------------------- | --------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| CAPTCHA Bypass          | Submit 10 or more customer feedbacks within 10 seconds.                                                               | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#submit-10-or-more-customer-feedbacks-within-10-seconds)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/roll-your-own-security#submit-10-or-more-customer-feedbacks-within-10-seconds)                                                                         | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#submit-10-or-more-customer-feedbacks-within-10-seconds)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#submit-10-or-more-customer-feedbacks-within-10-seconds)                                                                     |
| Extra Language          | Retrieve the language file that never made it into production.                                                        | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#retrieve-the-language-file-that-never-made-it-into-production)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#retrieve-the-language-file-that-never-made-it-into-production)                                                                     | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#retrieve-the-language-file-that-never-made-it-into-production)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#retrieve-the-language-file-that-never-made-it-into-production)                                                       |
| JWT Issues Tier 1       | Forge an essentially unsigned JWT token that impersonates the (non-existing) user *<jwtn3d@juice-sh.op>*.             | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#forge-an-essentially-unsigned-jwt-token)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#forge-an-essentially-unsigned-jwt-token)                                                                                                         | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#forge-an-essentially-unsigned-jwt-token)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#forge-an-essentially-unsigned-jwt-token)                                                                                                   |
| Login CISO              | Exploit OAuth 2.0 to log in with the Chief Information Security Officer's user account.                               | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#exploit-oauth-20-to-log-in-with-the-cisos-user-account)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#exploit-oauth-20-to-log-in-with-the-cisos-user-account)                                                                           | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#exploit-oauth-20-to-log-in-with-the-chief-information-security-officers-user-account)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#exploit-oauth-20-to-log-in-with-the-chief-information-security-officers-user-account)         |
| RCE Tier 1              | Perform a Remote Code Execution that would keep a less hardened application busy forever.                             | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/insecure-deserialization#perform-a-remote-code-execution-that-would-keep-a-less-hardened-application-busy-forever)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/insecure-deserialization#perform-a-remote-code-execution-that-would-keep-a-less-hardened-application-busy-forever) | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-remote-code-execution-that-would-keep-a-less-hardened-application-busy-forever)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-remote-code-execution-that-would-keep-a-less-hardened-application-busy-forever) |
| Reset Bjoern's Password | Reset Bjoern's password via the Forgot Password mechanism with *the truthful answer* to his security question.        | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#reset-bjoerns-password-via-the-forgot-password-mechanism)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/broken-authentication#reset-bjoerns-password-via-the-forgot-password-mechanism)                                                                       | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-bjoerns-password-via-the-forgot-password-mechanism)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-bjoerns-password-via-the-forgot-password-mechanism)                                                                 |
| Reset Morty's Password  | Reset Morty's password via the Forgot Password mechanism with *his obfuscated answer* to his security question.       | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/security-misconfiguration#reset-mortys-password-via-the-forgot-password-mechanism)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/security-misconfiguration#reset-mortys-password-via-the-forgot-password-mechanism)                                                                 | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-mortys-password-via-the-forgot-password-mechanism)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#reset-mortys-password-via-the-forgot-password-mechanism)                                                                   |
| Retrieve Blueprint      | Deprive the shop of earnings by downloading the blueprint for one of its products.                                    | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#deprive-the-shop-of-earnings-by-downloading-the-blueprint-for-one-of-its-products)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/forgotten-content#deprive-the-shop-of-earnings-by-downloading-the-blueprint-for-one-of-its-products)                             | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#deprive-the-shop-of-earnings-by-downloading-the-blueprint-for-one-of-its-products)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#deprive-the-shop-of-earnings-by-downloading-the-blueprint-for-one-of-its-products)               |
| Typosquatting Tier 2    | Inform the shop about a more literal instance of *typosquatting* it fell for. (Mention the exact name of the culprit) | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#inform-the-shop-about-a-more-literal-instance-of-typosquatting-it-fell-for)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#inform-the-shop-about-a-more-literal-instance-of-typosquatting-it-fell-for)                                   | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-a-more-literal-instance-of-typosquatting-it-fell-for)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#inform-the-shop-about-a-more-literal-instance-of-typosquatting-it-fell-for)                             |
| XXE Tier 2              | Give the server something to chew on for quite a while.                                                               | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/xml-external-entities-xxe#give-the-server-something-to-chew-on-for-quite-a-while)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/xml-external-entities-xxe#give-the-server-something-to-chew-on-for-quite-a-while)                                                                   | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#give-the-server-something-to-chew-on-for-quite-a-while)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#give-the-server-something-to-chew-on-for-quite-a-while)                                                                     |

## Diabolic Challenges (  🌟🌟🌟🌟🌟🌟  )

| Challenge           | Description                                                                                                       | Hints                                                                                                                                                                                                                                                                                                                                                                  | Solution                                                                                                                                                                                                                                                                                                                                                                                                                                           |
| ------------------- | ----------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Forged Coupon       | Forge a coupon code that gives you a discount of at least 80%.                                                    | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#forge-a-coupon-code-that-gives-you-a-discount-of-at-least-80)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#forge-a-coupon-code-that-gives-you-a-discount-of-at-least-80)                                                                             | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#forge-a-coupon-code-that-gives-you-a-discount-of-at-least-80)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#forge-a-coupon-code-that-gives-you-a-discount-of-at-least-80)                                                                           |
| Imaginary Challenge | Solve challenge #99. Unfortunately, this challenge does not exist.                                                | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#solve-challenge-99)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#solve-challenge-99)                                                                                                                                                                 | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#solve-challenge-99)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#solve-challenge-99)                                                                                                                                                               |
| JWT Issues Tier 2   | Forge an almost properly RSA-signed JWT token that impersonates the (non-existing) user *<rsa_lord@juice-sh.op>*. | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#forge-an-almost-properly-rsa-signed-jwt-token)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/vulnerable-components#forge-an-almost-properly-rsa-signed-jwt-token)                                                                                                               | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#forge-an-almost-properly-rsa-signed-jwt-token)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#forge-an-almost-properly-rsa-signed-jwt-token)                                                                                                         |
| Login Support Team  | Log in with the support team's original user credentials without applying SQL Injection or any other bypass.      | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/security-misconfiguration#log-in-with-the-support-teams-original-user-credentials)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/security-misconfiguration#log-in-with-the-support-teams-original-user-credentials)                                                                                   | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-the-support-teams-original-user-credentials)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#log-in-with-the-support-teams-original-user-credentials)                                                                                     |
| Premium Paywall     | Unlock Premium Challenge to access exclusive content.                                                             | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#unlock-premium-challenge-to-access-exclusive-content)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/sensitive-data-exposure#unlock-premium-challenge-to-access-exclusive-content)                                                                                             | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#unlock-premium-challenge-to-access-exclusive-content)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#unlock-premium-challenge-to-access-exclusive-content)                                                                                           |
| RCE Tier 2          | Perform a Remote Code Execution that occupies the server for a while without using infinite loops.                | [  ](https://pwning-wargames.gitbook.io/readme/part-ii/insecure-deserialization#perform-a-remote-code-execution-that-occupies-the-server-for-a-while-without-using-infinite-loops)💡[  ](https://pwning-wargames.gitbook.io/readme/part-ii/insecure-deserialization#perform-a-remote-code-execution-that-occupies-the-server-for-a-while-without-using-infinite-loops) | [ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-remote-code-execution-that-occupies-the-server-for-a-while-without-using-infinite-loops)🏆[ ](https://github.com/MrBoy31/pwning-bb-wargames/tree/f91da0f4e2fc196c7c04ea1c9ac3fd4dac131a54/appendix/solutions.md#perform-a-remote-code-execution-that-occupies-the-server-for-a-while-without-using-infinite-loops) |
