Replies: 2 comments
-
Sent a feedback, but pasting here for ref : Spoilers ahead
Also, "random UA gives password" is not that "real-world" as well. I didn't expect at all that it will spit out the flag when I used some random UA to send the request. What real server would do that? I don't really know why this scenario is put like this. Probably you wanted to test if the user knows they can use arbitrary UA to troubleshoot some web services? Anyway, the scenario in the current form feels pretty strange to me. Probably it's too different from other scenarios. |
Beta Was this translation helpful? Give feedback.
-
Hello, thanks for your comment. I'm not sure what "UA" means :-) This is not a realistic scenario in itself, but the themes in it and the skills and tools to solve it I think are realistic. |
Beta Was this translation helpful? Give feedback.
-
Discussions about scenario Paris
Beta Was this translation helpful? Give feedback.
All reactions