
This webpage is best solved using a Python program.
- The page generates a random number between 1 and 9999
- You have to guess the correct value to see the flag.
Looking at the page source, we can see:

The assumption we can make:
- If we guess correctly, the page will not print the word ‘Sorry’
- We see ‘Sorry, the correct number was ‘X’ if we get it wrong.
I’ll provide some working code here.
- This code fetches the webpage infinitely using the number 10.
- Eventually, 10 has to be correct!
- If the webpage text does not contain the word ‘Sorry’, print the result.
- The Python requests library is super powerful stuff!
Create a file called guess.py and insert the following code.
import requests
url = "<http://ctf.local:9000/guessing_game/index.php>"
data = {"guess": 10}
while True:
response = requests.post(url, data=data)
if 'Sorry' not in response.text:
Run it:
- Note: You may have to wait a minute!
python3 guess.py
