In the section on Sensitive Data Exposure the question is to “Check the above login form for exposed passwords. Submit the password as the answer.” However, I have no idea what website I’m supposed to be looking at. The same goes for the next section on HTML Injection. There is a question which refers to a website but again, I don’t know what website I’m supposed to be analyzing for the answer. What am I overlooking here?
Nevermind! I figured it out.
If anyone else has the same question, I figured out that we should spawn the target and go to that IP address in a browser.