This was considered a hard challenge. After finding and analysing the source code we found a GQL injection. Unfortunately there is a system in place that will ban you for too many requests. So we use a modified binary search algorithm to finish in time.

Discover by CTF

Capture The Flag - Hacking Competitions