Quarter Shift
Quarter Shift is a retro online casino platform with browser games, tournament APIs, single sign-on, and an internal backoffice.
The Scenario
Quarter Shift runs a retro-styled online casino experience with browser games, weekly tournaments, and a public leaderboard.
The company recently rolled out kiosk clients for on-prem promo events, plus a new moderator program for tournament operations.
They want a full adversarial verification of the platform's public properties, the tournament API layer, and any "internal-only" backoffice tooling that might be reachable through unexpected paths.
Lab Intel
Synopsis
Quarter Shift have enlisted your services to perform a full adversarial assessment of their retro online casino platform -- covering the public-facing portal, tournament API layer, and any internal backoffice tooling that may be reachable through unexpected paths.
Architecture
A hard-rated lab featuring a retro online casino built on Flask, SQLite, and GraphQL (Ariadne), served from a single container hosting seven virtual subdomains (portal, games, scores, auth, ops, dashboard, and the root site). It stands out for its multi-stage attack chain that weaves together GraphQL introspection, cache poisoning, JWT forgery, and SSRF into a single cohesive engagement.
Who It's For
Aimed at intermediate-to-advanced practitioners who are comfortable with subdomain enumeration, API testing, and token manipulation. You should already have experience crafting GraphQL queries, intercepting and replaying HTTP requests, and understanding how web caches and JWT signatures work.
Skills You'll Practice
- HTTP proxy usage (Burp Suite or similar)
- Subdomain enumeration and virtual host discovery
- GraphQL query construction and introspection analysis
- JWT structure and signature verification concepts
- Basic understanding of web caching behaviour
What You'll Gain
- GraphQL introspection exploitation
- Cache key poisoning via header manipulation
- IDOR / BOLA on user-scoped queries
- JWT alg:none signature bypass
- SSRF to internal services