SuperCheater
Overview
Scenario
Welcome to Superheroes High School, where students compete through online exams to climb the leaderboard and earn the Hero’s Prize. However, the system handling submissions and grading contains several critical vulnerabilities. By carefully analyzing how the platform works, it may be possible to exploit weaknesses in both the frontend and backend logic to gain an unfair advantage and rise to the top.
Objective
Analyze the web application as a black-box target. Identify and exploit vulnerabilities such as stored XSS and insecure API endpoints. Use these weaknesses to gain elevated privileges, manipulate grading functionality, and alter leaderboard rankings to reach the top position and obtain the final reward.
Flag Format: Flag{...}
User Credentials: SuperCheater:Sup3rCh34t3r#@
Infrastructure: Web Application (Student & Teacher Dashboards, REST API)
Provided Files: None (black-box testing)