Labs / Corporate Breach 2

Challenge
Released 09 Jul 2025

Corporate Breach 2

Start the machine, hack the system, and find the hidden flags to complete this challenge and earn points!

1

Flags

1

Points

Challenge

Solution Available

Pro Exclusive

Start Lab Environment

~1-2 min setup

AWS dedicated

Private instance

Industry standard

Challenge

Corporate Breach 2 - Solution Walkthrough

Step 1: Reconnaissance

Access the corporate website at
Explore the navigation and observe the URL structure
Notice the page parameter in URLs like ?page=about

Step 2: Understanding the Vulnerability

The application uses include $page . '.php'
This means ?page=about becomes include 'about.php'
Try accessing ?page=admin/index
This becomes include 'admin/index.php'

Step 3: Exploiting the LFI

Navigate to ?page=admin/index
This will include the admin panel file
The admin panel will display the flag

Step 4: The Flag

The flag is displayed in the admin panel: 6a702640-7e26-47fb-ab55-93475c2d6040
Submit this as your answer

Technical Details

This demonstrates a more subtle LFI vulnerability
The automatic .php extension can be exploited to access files in subdirectories
No directory traversal needed - just path manipulation
Shows the importance of proper file inclusion validation

Corporate Breach 2

Challenge 1 points

Writeup Guidelines

Share your solution approach, methodology, and insights. Your writeup will be reviewed before being published to the community. Earn +1 bonus point when your writeup is approved!

Requirements:

No flag content: Do not reveal actual flag values or passwords in your writeup
Include lab link: Your writeup must contain a direct link to this lab for reference
Educational focus: Explain your methodology, tools used, and learning insights

Writeup URL *

Link to your blog post, GitHub repository, or any platform where you've published your writeup
Remember to include this lab's URL in your writeup: https://hackerdna.com/labs/corporate-breach-2

Language *

Help others find writeups in their preferred language

Confirmation Required

I confirm that my writeup includes a direct link to this lab

Your writeup must reference this lab's URL: https://hackerdna.com/labs/corporate-breach-2

I confirm that my writeup does NOT contain flag content or critical information

Do not include actual flags, passwords, or other sensitive information that would spoil the challenge