Our challenges do NOT require any bruteforcing/directory fuzzing/massive amounts of traffic. Please practise hacking on our challenges manually.
Failure to abide by the rules will put you at risk of being restricted from using our free challenges.
Checking if a whitelisted string is found is a bad approach
When you press
Begin Challenge you'll be sent to
https://www.bugbountytraining.com/challenges/challenge-16.php and will see
An attacker may want to obtain this value from their victim, but how could they do this?
This is your objective. Find a way to obtain the information when your victim (you) visits your proof of concept.