Postman
Medium, Web Security
Overview
Scenario
A translation service built for VIP users, complete with a role-based permission system backed by JWT tokens. Guests can create messages, VIPs can translate them, and the developer is confident no one is crossing that line.
You have full access to the source code. Start as a guest, read the code carefully, and find a way to access what you are not supposed to reach.
Log in with guest:guest
Flag format: flag{}
Infrastructure
- Docker Container — HTTP on port 8000
Provided Files
- POSTMAN.zip (6.1 KB)
Job Positions
Bug Bounty Hunter
Tags
Insecure Deserialization, RCE, JWT, Broken Access Control, Python