InCTF Jr 2023
October - December, 2023

Big Shop

Medium Web

Author: Aneesh


first we have to login and then we can see two products flag and emm with 200 and 100 price respectively.We can add both the products to the cart but we can't buy flag because it shows you have not enough money


But there is an idor vulnerablity in the buying requests ,we can change the pid=1 and it will buy the flag then we can open flag