Instead, let’s take under the hood to see what we can hack… Observing requests Since our objective is to hit more than 1,000 credit, we could just play the slots for a long time to try to get lucky. Your credit is updated based on the outcome. You can choose various options before placing a bet by hitting the Spin button.
It’s fairly typical for such games (at least as per my understanding following a short trip to Las Vegas for Black Hat and Def Con). Let’s follow the link and take a look at the slot machine. What does the Jack Frost Tower casino security team threaten to do when your coin total exceeds 1,000? Submit the string in the server data.response element. Test the security of Jack Frost’s slot machines.
We’re given a link to an online slot machine and the following request: Here’s one more writeup from the SANS Holiday Hack Challenge! The slot machine hack was one of the showpiece challenges this year, so I thought I’d put together a quick blog post to guide you through the process of identifying and exploiting a vulnerability in the game.