TryHackMe: OWASP Top 10 || Severity 2 || Broken Authentication Practical

goay xuan hui
Mar 29, 2021

The main goal of this exercise is to exploit the logic flaw within the authentication mechanism.

#1 What is the flag that you found in darren’s account?

#2 What is the flag that you found in arthur’s account?

For these two challenges,

  • Register the same username but with a space in front, e.g. “ darren”. This will register a new user for you.
  • This works because the application only checks whether the username already exists and does not sanitize the user’s input: the leading space is not stripped, so “ darren” passes the duplicate check as if it were a different name from “darren”.
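Added example (not code from the original post or from the TryHackMe lab): a minimal in-memory registration backend in which the weak mode compares the raw username string, the behaviour the challenge relies on, while the fixed mode canonicalizes the name (Unicode-normalize, strip surrounding whitespace, fold case) before the uniqueness check. The store, `canonical_username` and `demo` are constructed for this illustration.

```python
import unicodedata


def canonical_username(raw: str) -> str:
    """Canonical form used for both registration and later lookups:
    Unicode-normalize (NFKC), strip surrounding whitespace, fold case.
    Every code path must use the same function, otherwise two paths can
    disagree on whether two strings name the same account."""
    return unicodedata.normalize("NFKC", raw).strip().casefold()


class UserStore:
    """Tiny constructed registration backend (not the lab's real code).

    canonicalize=False reproduces the flawed check, which compares the raw
    submitted string; canonicalize=True applies the fix.
    """

    def __init__(self, canonicalize: bool) -> None:
        self.canonicalize = canonicalize
        self.users: set[str] = set()

    def _key(self, raw: str) -> str:
        return canonical_username(raw) if self.canonicalize else raw

    def register(self, raw_username: str) -> bool:
        """Return True if a new account was created, False if rejected."""
        key = self._key(raw_username)
        if not key or len(key) > 64:
            return False  # empty after stripping, or unreasonably long
        if key in self.users:
            return False  # duplicate under the comparison rule in force
        self.users.add(key)
        return True

    def registered_names(self) -> list[str]:
        return sorted(self.users)


def demo() -> dict[str, bool]:
    """Register 'darren', then attempt ' darren' in each mode."""
    results = {}
    for label, strict in (("weak", False), ("fixed", True)):
        store = UserStore(canonicalize=strict)
        store.register("darren")
        results[label] = store.register(" darren")
    return results


if __name__ == "__main__":
    print(demo())  # {'weak': True, 'fixed': False}
```

In the weak mode the second registration succeeds and two visually identical names now coexist, which is exactly what a trimming lookup elsewhere in the application will later conflate.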

