{
    "id": "6fc15029-842f-3d13-9947-2fe355f85bcb",
    "name": "PHP Ticket System",
    "slug": "php-ticket-system",
    "status": "published",
    "lab_type": "pta",
    "is_sample": false,
    "duration_in_seconds": 1800,
    "metadata": {
        "courses": [
            "1dce1618-55b6-4205-9799-e509ad2b2c77",
            "dc037f46-aaf2-34a5-9a7b-d8c2b4b8a1e2"
        ],
        "pta_sdn": "291",
        "collections": [
            "f3ae31a7-fd5c-40fc-aa1d-4d20ffe55c22",
            "dc933403-f048-47e0-a024-22a277fdd4ea"
        ],
        "pta_namespace": "attackdefenselabs",
        "learning_paths": [],
        "has_published_parent": true
    },
    "session": {
        "id": "041139aa-3fca-422b-a70d-6221e193f981",
        "user_id": "5dde02c1-353c-4e44-af4d-e217c38efd6a",
        "lab": {
            "id": "6fc15029-842f-3d13-9947-2fe355f85bcb",
            "name": "PHP Ticket System",
            "lab_type": "pta"
        },
        "pta_url": "https://lm4n9wmpnl9pfwgib63qmpywk.us-east-10.attackdefensecloudlabs.com",
        "last_started_at": "2024-12-13T14:01:51.542567Z",
        "terminated_at": "2024-12-13T15:42:09.529373Z",
        "running_time": 6017,
        "metadata": {
            "layout": "en-us-qwerty",
            "region": "US-East",
            "context": {
                "parent_id": "1dce1618-55b6-4205-9799-e509ad2b2c77",
                "parent_name": "Authentication & Session Management Testing",
                "parent_type": "course"
            }
        },
        "status": "terminated",
        "created": "2024-12-13T14:01:51.542595Z",
        "modified": "2024-12-13T15:42:09.533508Z",
        "duration_in_seconds": 6008,
        "shutdown_time": 10800
    },
    "company": "a491bc32-c056-4946-9169-cc053387bada",
    "created": "2022-03-17T11:44:39.202886Z",
    "modified": "2025-01-07T19:59:18.971747Z",
    "is_beta": false,
    "lab_objectives": [],
    "main_learning_area": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
    "learning_areas": [
        {
            "id": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
            "name": "Cyber Security",
            "slug": "cyber-security"
        }
    ],
    "categories": [
        {
            "id": "5178026a-6d8d-44c7-8764-e6f7b5ff7a32",
            "name": "CSRF"
        },
        {
            "id": "cc267e8b-484f-4f75-850f-39adc4433adf",
            "name": "Real World WebApps"
        }
    ],
    "tags": [],
    "difficulty": "professional",
    "is_web_access": false,
    "is_lab_experience": true,
    "is_featured": false,
    "cve": null,
    "severity": null,
    "year": null,
    "classification": null,
    "is_trackable": false,
    "cpe_credits": 0,
    "is_skill_check": false,
    "external_url": "",
    "solution_video": "7d9e72e1-883a-3182-b102-81f07f54d2da",
    "explanation_video": null,
    "description": "In this exercise, the attacker has admin access already so there is nothing more to be done. However, looks like the admin access does lead to a\u00a0cross site request forgery attack\u00a0attack. So you can try to find this\u00a0cross site request forgery attack\u00a0as purely academic exercise.",
    "description_html": "<p>In this exercise, the attacker has admin access already so there is nothing more to be done. However, looks like the admin access does lead to a\u00a0cross site request forgery attack\u00a0attack. So you can try to find this\u00a0cross site request forgery attack\u00a0as purely academic exercise.</p>",
    "tasks": "A version of\u00a0PHP Ticket System\u00a0is vulnerable to cross site request forgery attack.\u00a0The following username and passwords may be used to explore the application and/or find a vulnerability which might require authenticated access:  \n\n\n| Username | Password |\n| admin | 123321 |\n\n  \nObjective:\u00a0Your task is to find and exploit this vulnerability.",
    "tasks_html": "<p>A version of\u00a0PHP Ticket System\u00a0is vulnerable to cross site request forgery attack.\u00a0The following username and passwords may be used to explore the application and/or find a vulnerability which might require authenticated access:  </p>\n<p>| Username | Password |\n| admin | 123321 |</p>\n<p>Objective:\u00a0Your task is to find and exploit this vulnerability.</p>",
    "published_date": "2022-03-17T11:44:39.202886Z",
    "solutions": "The solution for this lab can be found in the following manual:\n        <a href=\"https://assets.ine.com/labs/ad-manuals/walkthrough-291.pdf\" target=\"blank\">https://assets.ine.com/labs/ad-manuals/walkthrough-291.pdf</a>",
    "solutions_html": "<p>The solution for this lab can be found in the following manual:\n        <a href=\"https://assets.ine.com/labs/ad-manuals/walkthrough-291.pdf\" target=\"blank\">https://assets.ine.com/labs/ad-manuals/walkthrough-291.pdf</a></p>",
    "flags": [],
    "min_points_to_pass": null,
    "access_type": "default",
    "user_status": "finished",
    "user_lab_status": {
        "user_id": "5dde02c1-353c-4e44-af4d-e217c38efd6a",
        "lab": "6fc15029-842f-3d13-9947-2fe355f85bcb",
        "status": "finished",
        "created": "2024-12-13T14:01:51.598467Z",
        "modified": "2024-12-13T14:02:24.224369Z",
        "lab_type": "pta",
        "flags": [],
        "lab_objectives": [],
        "last_activity_date": "2024-12-13T14:02:24.218358Z"
    },
    "user_status_modified": "2024-12-13T14:02:24.224369Z",
    "user_flags": [],
    "global_running_session": null
}