Challenges covered in this chapter
|Name|Description|Difficulty|
|---|---|---|
|Bully Chatbot|Receive a coupon code from the support chatbot.|⭐|
|Mass Dispel|Close multiple "Challenge solved"-notifications in one go.|⭐|
|Score Board|Find the carefully hidden 'Score Board' page.|⭐|
|Security Policy|Behave like any "white hat" should before getting into the action.|⭐⭐|
Receive a coupon code from the support chatbot
This challenge is about nagging the support chatbot to hand out a coupon code that can subsequently be used to get a discount during the checkout process.
- The bot is reluctant to give you a coupon as it's coming up with various excuses for not giving you one
- Asking over and over again like a little kid might actually help you succeed in this case
Close multiple "Challenge solved"-notifications in one go
This "challenge" is nothing more than an opportunity to learn about a convenience feature that allows users to close multiple "Challenge solved"-notifications at once.
- This challenge is most easily solvable immediately after a server restart
- You can find all the information you need to solve this challenge in the Challenge tracking chapter
- Alternatively you can also inspect any "Challenge solved"-notification in your browser to understand its convenience feature
- When you work with the application you will most likely solve this challenge in the process
- Any automated crawling or spidering tool you use might solve this challenge for you
- There is no real hacking involved here
Find the carefully hidden 'Score Board' page
Behave like any "white hat" should before getting into the action
The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems. Ethical hacking is a term meant to imply a broader category than just penetration testing. Contrasted with black hat, a malicious hacker, the name comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat respectively.[2]
- This challenge asks you to act like an ethical hacker
- As one of the good guys, would you just start attacking an application without consent of the owner?
- You also might want to read the security policy or any bug bounty program that is in place