Challenges | Without Account | Cycubox Docs

Can you still vote?

Solution

  • Try to change the average rating and intercept the request with ZAP or BURP.

  • As we intercept the request we can try with different request method and examine the response.

We can see that the POST method is not a supported exception. We can try with other methods to see if there is an exception that is supported.

  • The HEAD method returns the Flag.

PreviousChallenges | Admin Password Reset | Cycubix DocsNextISC2 Courses

Last updated