This webpage is best solved using a Python program.

• The page generates a random number between 1 and 9999
• You have to guess the correct value to see the flag.

Looking at the page source, we can see:

The assumption we can make:

• If we guess correctly, the page will not print the word ‘Sorry’
  • We see ‘Sorry, the correct number was ‘X’ if we get it wrong.

I’ll provide some working code here.

• This code fetches the webpage infinitely using the number 10.
  • Eventually, 10 has to be correct!
• If the webpage text does not contain the word ‘Sorry’, print the result.
• The Python requests library is super powerful stuff!

Create a file called guess.py and insert the following code.

import requests

url = "<http://ctf.local:9000/guessing_game/index.php>"
data = {"guess": 10}

while True:
    response = requests.post(url, data=data)
    if 'Sorry' not in response.text:

Run it:

• Note: You may have to wait a minute!

python3 guess.py