Uncle Arnold’s Band:
Uncle Arnold wants to increase his rating to the highest. For that, he must have the maximum number of votes. When you click on the vote button for Raging Infero, you add one vote. But that doesn’t add much to the rating. We must add a huge vote value such that his rating goes high. Is there some easy way to do that? How can be increase his rating? We need to edit the vote parameter.
The first thing that you need to do when you get any question is to go through the source code of the webpage which is vulnerable. Understand the code well.
You can make out that when you click on vote, v.php gets activated. Also the group is distinguished by the PHPSESSID and id variables in the code. ‘vote’ takes care of the vote value. Now we need a mechanism to change the value of the vote for one of the id and PHPSESSID that denotes the Raging Infero. You can use tamper data or Burpsuite to do that. I used Burpsuite and I liked it. Hope you got an idea to get started.