I recently discovered NCC Group’s “Are you a ninja” challenges.
This is the first challenge on the site. I hope to complete them all and make a series out of it.
From looking at the source, this codes POSTs with the provided passcode (passed into the function) to some API, and the server (presumably) returns the flag when the right passcode is entered. Just changing the res in an HTTP proxy (like Burp Suite), did trick the client-side code into thinking
we received a valid response, but obviously didn’t print the flag.
I opened up the network tab of chrome to take a peek at the response. With the 10000/hr limit on requests, it seemed
pretty obvious that this first challenge was a bruteforce one. With that in mind, I wanted to do something a little more interesting than my normal
brute script. I decided to multithread the script. This script spawns 20 threads, each in charge of testing 500 passcodes.
Letting the script run for a while, we eventually end up with a valid passcode, and the flag logged into our output file. We
can enter the passcode ourselves too.