Introducing the Mystery Lab Challenge | Blog

For anyone who has ever used the Web Security Academy, the format will be quite familiar. For those who have not yet had the pleasure, the process goes something like this:

  1. Select a set of topic-based learning materials, for example, SSRF.
  2. Read the learning materials and expand your knowledge of the vulnerability.
  3. At various stages of the learning materials, you will come across a lab (a deliberately vulnerable website). The lab, which has a clear objective, lets you test the skills you have just acquired.

If the desired outcome is simply to deepen your knowledge of a specific vulnerability and how to find and exploit it, the labs within the learning materials are exactly what you need. However, as we all know, that is not exactly how things happen in the wild.

With that in mind, we decided it was time to add a reconnaissance element to the academy. In the real world, reconnaissance often refers to finding target websites in the first place. However, as that particular piece of the puzzle is provided to you, the Mystery Lab Challenge is more about practising "in-app" reconnaissance.

This new feature gives academy users the chance to find and exploit vulnerabilities by spawning a random lab to test their skills. Try the Mystery Lab Challenge now.

Understanding the goal

Both in the Web Security Academy and in the wild, the goal often looks the same: hunt down and exploit any vulnerabilities present. In the Web Security Academy, however, you already know what you are looking for, and you often receive several clues about the steps to follow to discover and exploit the vulnerability.

For anyone who has ever done bug bounty hunting or real-world pentesting, the reconnaissance requirements will be well known. If you have only practised these skills in a safe environment, like the Web Security Academy, you may have less experience with this crucial skill.

Looking at an academy lab on SSRF, for example "SSRF with filter bypass via open redirect vulnerability", you can see that the name of the lab has already told you both the vulnerability class and how to overcome any obstacles to exploitation that you encounter.

By comparison, a pentester may be tasked with discovering all vulnerabilities, or only high-impact, unauthenticated issues. Beyond the required impact, they receive no additional information: they must rely on their own knowledge and apply the appropriate methodology to achieve the goal.

Therefore, to let the Web Security Academy better prepare its users for hunting and testing in the wild, we decided to take the challenge a step further. To mimic a real-world situation as closely as possible, we have launched a brand new feature on the Web Security Academy: the Mystery Lab Challenge.

What is the Mystery Lab Challenge?

As the name suggests, this new feature gives academy users the ability to find and exploit vulnerabilities by spawning a random lab to test their skills. The Mystery Lab Challenge has three basic settings:

  • Select the lab level you want to try to solve, but leave the topic up to chance.
  • Select both the lab level and the desired topic, then randomly spawn one of the labs for that topic.
  • Leave both the lab level and the topic unspecified and spawn a completely random lab from anywhere in the academy.

When your mystery lab first spawns, the objective is completely hidden; naturally, this is the more difficult version of the challenge. You can choose to reveal the objective if you need a little direction, and if you are really struggling, you can also completely de-anonymize the lab.

The idea behind this new feature is that by removing some of the context that labs normally provide, we can introduce an element of reconnaissance into your academy experience. Why not take a spin and try your luck with the Mystery Lab Challenge?