baby BoneChewerCon

We are provided with this webpage:

At the bottom of the page we have a text input. Let’s enter something and submit.

It shows an error in the Laravel debugger (a PHP framework):

This is a bad practice and a security issue, since debuggers might contain sensitive information and most of them provide ways to execute code.

Flag

Indeed, we can find the flag in an environment variable named APP_KEY:

HTB{wh3n_th3_d3bugg3r_turns_4g41nst_th3_d3bugg33}