I’ve recently seen this link (http://mingle2.com/geek-quiz redirected to http://www.justsayhi.com/bb/geek) at Priyadi’s. It’s a typical quiz, like any other geek quizes which you have to answer multiple choice questions then it gives result how geek you are in the end. But, it got me thinking, just for fun… How to cheat on this quiz?
This quiz uses AJAX for navigation/multiple choice and score meter which is very nice. But if you search through its javascript codes you can see that it calls PHP scripts in the background. This is quite easy, these 2 URLs are the basics, one display the questions and other gives points.
http://www.justsayhi.com/bb/quizzes/geek.php?question=$i
http://www.justsayhi.com/bb/quizzes/geek.php?question=$i&answer=$j
No need to think, I opened up an editor and started writing. Nothing special, just fetching what’s there. Well, just to check the answer on who created this /(bb|[^b]{2})/ regular expression, is it Shakespeare or guys at ThinkGeek.com. So, the script is only for displaying the question and the points of each answers.
<?
// http://www.justsayhi.com/bb/geek
// arif - 20070919
$geek_url = "http://www.justsayhi.com/bb/quizzes/geek.php";
if (!fopen($geek_url, "rb")) {
echo "Sorry, ".$geek_url." not found.";
die;
}
set_time_limit(200);
for($i=0;$i<22;$i++) {
$q = $geek_url."?question=".$i;
$handle = fopen($q, "rb");
$contents = stream_get_contents($handle);
fclose($handle);
echo $contents.'<br />';
$count_answer = substr_count($contents, 'answer');
echo "Answer points<br />";
for($j=0;$j<$count_answer;$j++) {
$a = $geek_url."?question=".$i."&answer=".$j;
$handle = fopen($a, "rb");
$contents = stream_get_contents($handle);
fclose($handle);
$n=$j+1;
echo $n.'. '.$contents.'<br />';
}
echo "<br/><hr />";
}
?>
The script above will output like this. And if you’re fast you’ll get more than 100%. Haha, I know it’s unfair, but the quiz’s just for fun and this is just silly script anyway.