📋 Challenge Description
You've discovered a REST API with limited documentation. The API has a hidden admin endpoint that returns sensitive data including a flag. Your task is to discover and exploit the hidden endpoint by analyzing the API responses and structure.
Objective: Find the secret endpoint and parameters to retrieve the flag.
📚 Public API Documentation
GET /api/v1/users
Returns list of public users
Response: {"users": [...], "count": number}

GET /api/v1/info
Returns API information and version
Response: {"version": "...", "endpoints": number}

POST /api/v1/login
User authentication (disabled in demo)
Parameters: {"username": "...", "password": "..."}

💡 Hints to Get Started:
1. Check API Info: Start by calling /api/v1/info to learn about the API structure.
2. Hidden Endpoints: APIs often have undocumented admin/debug endpoints. Common patterns: /admin, /debug, /internal, /secret
3. Version Numbers: Try different API versions: /api/v1/, /api/v2/, /api/admin/
4. Parameter Discovery: Some endpoints require special parameters like ?admin=true or {"role": "admin"}
5. Try This: /api/v1/admin with parameter {"auth": "secret"}
6. Response Clues: Look at the "endpoints" count in /api/v1/info - there are more than documented!
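
The gap that hint 6 points at, an advertised endpoint count larger than the documented list, is something an API owner can check for before release. The following is an added example, not part of the challenge: it compares a route table with the documented endpoints above and flags undocumented routes. `SAMPLE_ROUTES`, the HTTP methods on the undocumented entries, and `/api/v2/debug` are constructed for illustration.

```python
import re

# Documented endpoints, taken from the public API documentation on this page.
DOCUMENTED = {("GET", "/api/v1/users"), ("GET", "/api/v1/info"), ("POST", "/api/v1/login")}

# Path segments the hints list as common undocumented patterns.
SENSITIVE = re.compile(r"(^|/)(admin|debug|internal|secret)(/|$)")

def normalize(method, path):
    """Canonical form so trivially different spellings compare equal."""
    path = "/" + path.split("?", 1)[0].strip("/").lower()
    return method.upper(), re.sub(r"/{2,}", "/", path)

def audit(registered, advertised_count):
    """Compare the server's route table with the docs and the advertised count."""
    doc = {normalize(m, p) for m, p in DOCUMENTED}
    live = {normalize(m, p) for m, p in registered}
    undocumented = sorted(live - doc)
    return {
        # Routes that are served but appear nowhere in the public docs.
        "undocumented": undocumented,
        # Undocumented routes whose path contains an admin/debug-style segment.
        "sensitive": [r for r in undocumented if SENSITIVE.search(r[1])],
        # Documented routes that are no longer served.
        "stale_docs": sorted(doc - live),
        # True when the info endpoint advertises more routes than the docs list.
        "count_leak": advertised_count > len(doc),
    }

# Constructed route table; in a real service this comes from the framework's router.
SAMPLE_ROUTES = [
    ("GET", "/api/v1/users"),
    ("get", "/api/v1/info/"),
    ("POST", "/api/v1/login"),
    ("POST", "/api/v1/admin"),
    ("GET", "/api/v2/debug?verbose=1"),
]

if __name__ == "__main__":
    report = audit(SAMPLE_ROUTES, advertised_count=5)
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run as a CI step, a non-empty "sensitive" list or a true "count_leak" is a reason to fail the build until the route is either documented and protected by real authentication or removed.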