1. Web Security Academy
  2. Information disclosure
  3. Exploiting
  4. Lab

Lab: Source code disclosure via backup files

APPRENTICE

This lab leaks its source code via backup files in a hidden directory. To solve the lab, identify and submit the database password, which is hard-coded in the leaked source code.

Find information disclosure vulnerabilities using Burp Suite

The benefits of working through PortSwigger's Web Security Academy

Get started with the Web Security Academy where you can practise exploiting vulnerabilities on realistic targets .. and its free!

Already got an account? Login here