This will be solution for Level 10 Practical Web Hacking CTF #2.
This level we have a browser game, the objective is to find a way to win the game wihout losing to much time.
This level is very similar to level 1, in the way that nothing in the users side should be trusded, so here’s what we need to do.
- Find out how the game stores its scorres, and how it’s sync’d to the server (if it is)
- Inspect the html and see if we can find clues on how the game works.
- Place a break point and change the values before they are stored (yes its usualy that easy!)
The css class names gave a lot of clues on what to chose and what not to chose, then just before the results are stored, we place a break point in that location and change the value.
And We are off to level 11.