Forum Discussion
Bronze IIAdvanced CTF Challenge: Improbable Maze
I have the token from the POST but when I put in under Repeater and change the key value to 4, 4, like what was shown in the live training session, I only receive back the response: Too Slow.
Not sure what I am missing to get the token value.
Well done for getting that far!
The message "Too slow!" is a clue that reveals that the time limit is so short that no human can manually copy and paste the token fast enough...but a script can 😉
You can use a python script to fetch the token, create the JSON payload, send the POST request to the endpoint, and print the server's final response.
Once you do this, the flag will be printed on your screen. 🤩
4 Replies
- Nneka_AN
Bronze III
Well done for getting that far!
The message "Too slow!" is a clue that reveals that the time limit is so short that no human can manually copy and paste the token fast enough...but a script can 😉
You can use a python script to fetch the token, create the JSON payload, send the POST request to the endpoint, and print the server's final response.
Once you do this, the flag will be printed on your screen. 🤩 
AtakanBalThe token is short-lived, so you don't have enough time to intercept it or use repeater with same token. To bypass this, you can turn off the interceptor and add rules in Burp's Match and Replacer for the request body. These rules are applied automatically to requests and responses as they pass through Burp’s proxy.
