BugHuntEnvironment / openenv.yaml
dr4g0n369's picture
Initial submission: Bug Hunter Env
65ac9e6
Raw
History Blame Contribute Delete
642 Bytes
spec_version: 1
name: bug_hunter_env
type: space
runtime: fastapi
app: server.app:app
port: 8000
tasks:
- id: idor
name: "IDOR Discovery"
description: "Find the hidden admin user profile by exploiting an Insecure Direct Object Reference"
difficulty: easy
max_steps: 10
- id: sqli
name: "SQL Injection"
description: "Bypass the login form authentication using SQL injection"
difficulty: medium
max_steps: 15
- id: path_traversal
name: "Path Traversal"
description: "Gain admin access via SQL injection, then bypass the WAF to read sensitive server files"
difficulty: hard
max_steps: 20