Available for Free: Energy.js

This Challenge has been featured in the FIRSTCON23 CTF, as such it has been made available for free for 1 week: 8th June - 15th June

Try it now :point_right: Energy.js

One of the largest electricity providers in Australia was subjected to a password guessing attack. The attack resulted in unauthorised access to more than 300 customers.

The Energy.js challenge is inspired from this incident. Password guessing attack against authentication system is common. There are a few places where the system leaks user information.

Find these holes and effectively fix them.