Verbose Errors Challenge

Easy 150 Points Verbose Errors

Challenge Description

Applications running in debug mode often display detailed error messages that reveal sensitive information like stack traces, database queries, connection strings, and internal system details.

Objective: Extract sensitive information from verbose error messages to find the hidden flag. The flag format is FLAG{...}

Application Login (Debug Mode Enabled)

Username

Password

Try different usernames and passwords to trigger various error messages

API Explorer (Debug Mode Enabled)

Method

Endpoint

Quick access:

Submit Flag

Hints -10% per hint

Hints revealed: 0 / 5
Score penalty: 0%

What Verbose Errors Reveal

Stack traces with file paths
Database connection strings
SQL queries and table structures
User enumeration (different errors)
Internal IP addresses and hostnames
Framework and version information
API keys and secrets in logs

Learning Resources

OWASP A05:2021
Error Handling Cheat Sheet
CWE-209: Information Exposure