Rating: 3.5

## [Original/source writeup](https://bigpick.github.io/TodayILearned/articles/2020-10/b01lersbootcamp#find-that-data)

On the given site's URL, we see the following in the source code:

html
<script>
window.location = "/maze";
} else window.location = "/";
}
</script>


Use that info to login. Once logged in, we get an interactive maze page.

![](https://bigpick.github.io/TodayILearned/img/b01lers_bootcamp2020/maze.gif)

So, the goal is to get to the bottom left. However, as you can see in the above GIF, that will be impossible, since the barrier never moves off the corner.

We can inspect the maze’s source code by inspecting the js/maze.js file. The file has a bunch of stuff that’s just needed to make the maze possible, but the important function to us is the following:

js
function check_data() {
if (x === 1 && y === maxRows) {
$.post("/mem", { token:$("#token").html() }).done(function(data) {

However, we can just cheese this by directly calling this function with these values hardcoded in the console in dev tools, via check_data(x=1,y=maxRows).