remember your rate limits
today at school, my teacher decided to open up a quizizz. it seems that quizizz had added a new reactions feature!
obviously being the terrible kid i am, i wanted to know how these reactions worked so i could spam them relentlessly. so i went ahead and clicked on one of them, then checked the network tab.
looks like they send a http request to send a reaction. this looks easily abusable, lets copy that as a fetch request.
i went ahead and wrote a quick for loop with the fetch request inside
for(let i = 0; i < 100; i++) {
// fetch request goes here
}
let it rip! the best part about this is that a sound played for every single one of these reactions, and i sent so many that audio just stopped playing. it was really funny.
while reproducing this for the blog post, i realized that you can spoof the player id, so you can use any name you want.
moral of the story: remember to use rate limits to stop kids like me from potentially crashing the teacher's computer (and possibly the entire school's wifi)