Simon McCabe

OSCP · OSWP · PWPP · PWPA · PAPA · EnCE · Linux+ · LPIC-1 · Network+ · Security+ · Pentest+ · eJPT · eWPT · BSc · PGCert

Cheesy Does It (Business Logic Vuln)


Step 1: Register and log in

After you log in, you’ll notice a discount code: PIZZA-10. Note it down and get ready to use it whilst going through the flow. Purchase a pizza and intercept the traffic, stopping when you see the POST request in Step 2.

Step 2: POST Req

Go through the purchase flow and you’ll see there’s a discount parameter in the body, which shows the discount code we entered in the previous step:


Step 3: What didn’t work

I tried several things, including repeating the code over and over. However, this didn’t work.

I also tried adding the pizzas to an array, but it didn’t work (note: this was my fault and was a syntax error).

Step 4: toppings array

Looking at the toppings array in the POST request, we see the format is ["item","item"], so let's form our discount based on this. We end up with: "discount":["PIZZA-10","PIZZA-10"].

So we can post this data in the body:

The response comes back with the flag as the coupon has been used twice:
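Added example, not part of the original write-up and not the challenge's own code: a hypothetical server-side pricing routine showing why an array-valued discount gets redeemed twice, next to a hardened version that enforces a single string code and one redemption per account. The function names, the 10% value for PIZZA-10, the base price and the user ID are all assumptions made for illustration.

```javascript
// Added example: hypothetical pricing logic, not the challenge's real code.
// Assumption: PIZZA-10 is worth 10% off; the write-up does not state its value.
const COUPONS = new Map([["PIZZA-10", 10]]);

// Vulnerable shape: accepts a string or an array and applies every entry,
// so a code repeated in an array is redeemed once per occurrence.
function priceVulnerable(order) {
  const codes = [].concat(order.discount ?? []);
  let total = order.basePrice;
  for (const code of codes) {
    const pct = COUPONS.get(code);
    if (pct) total -= (total * pct) / 100;
  }
  return Math.round(total * 100) / 100;
}

// Hardened: strict type check, one code per order, one redemption per account.
// `redeemed` stands in for a persistent store of already-used coupons.
function priceHardened(order, redeemed) {
  const { discount, basePrice, userId } = order;
  if (discount === undefined) return { ok: true, total: basePrice };
  if (typeof discount !== "string") {
    return { ok: false, error: "discount must be a single string" };
  }
  if (!COUPONS.has(discount)) {
    return { ok: false, error: "unknown discount code" };
  }
  const key = `${userId}:${discount}`;
  if (redeemed.has(key)) {
    return { ok: false, error: "discount already redeemed" };
  }
  redeemed.add(key);
  const total = Math.round(basePrice * (100 - COUPONS.get(discount))) / 100;
  return { ok: true, total };
}

// Constructed sample bodies mirroring the request shape described above.
const tampered = {
  userId: "u1",
  basePrice: 20,
  toppings: ["cheese"],
  discount: ["PIZZA-10", "PIZZA-10"],
};
const normal = { ...tampered, discount: "PIZZA-10" };
```

In a real service the redemption record would be written in the same transaction as the order, so two concurrent requests cannot both pass the check.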

Thanks for reading!
