Web Application Exploitation Challenge 1 - Typing Racers

Prompt

One of our clients has designed a new application meant to teach students how to type in a gamified setting. Can you ensure the system is secure before the final release? Note: This challenge may take up to 30 seconds to fully deploy.


Answers

Q1 (15 pts) - Which endpoint records the result when you win or lose a game?
api/report

Q2 (15 pts) - Which endpoint lets you view your race statistics?
api/stats

Q3 (15 pts) - What is the name of the sensitive field included in the response from the statistics endpoint?
password

Q4 (15 pts) - What is the user_id of the admin user?
1

Q5 (15 pts) - What is the password for the admin user?
admin123

Q6 (25 pts) - What is the flag value on the admin’s profile page (profile.html) when logged in as admin?
SKY-MAJD-0392


Steps I Took

Q1 — I started by making an account and completing a race. Then I checked Inspect Element and went to game.js.

Screenshot

Q2 — I solved this the same way.

Screenshot

Q4 — In profile.js, it showed that the user ID was determined by localStorage, so I changed it there.

Screenshot

Screenshot

I set the uid value and refreshed the page.

Screenshot

Screenshot