Reverse engineering Domino’s Virtual Trivia Night for free pizza

We “reverse-engineered” the site behind Domino’s virtual trivia night and won free pizza for a year. 

Reverse engineered is in quotation marks because it’s not really that complicated, but let’s call it that because I feel morally corrupt anyway.

In May 2020, Domino’s ran five virtual trivia nights on their Facebook page, advertising that the winner would receive a year’s supply of pizza. The trivia night is organised by a third party, QuizMeisters, a pub trivia company which has transitioned to online trivia nights given the pandemic.

The competition was hosted on a Facebook Live stream where the questions were announced to the audience in real time, and the respondents could enter their answers into an online form hosted on a website (dominostrivia.com).

A simple examination of the website showed that it was in fact a simple form developed using the Qualtrics platform. Qualtrics is an enterprise survey, research and experience management solution, which can be compared to offerings such as SurveyMonkey. It’s a service designed for market researchers and academics, and not a platform designed for hosting quizzes. This led me to believe that question validation is likely being handled client-side.

This could be somewhat verified by having the ability to navigate through all the questions in the form before they were announced on the stream (although you cannot see the the questions themselves on the form). Randomly typing responses and navigating to the end of the form to press submit also immediately provides us with our ‘score’ – interesting.

Images from the stream and DominosTrivia.com

The surveying product which Qualtrics provides is not designed for quizzes.

The first thing you’d probably think of doing when you think of an online trivia night is Googling the questions, and yes this would actually work for most of them, but knowing that Qualtrics is a surveying software that probably doesn’t care about validating responses on the server-side, we knew that there would likely be answers stored somewhere on the form itself. By doing a quick inspect of the network requests on navigation between each question, our initial hypothesis was proven. We could see a response object with all of the question data being sent to the client.

dominos next page inspect

Further down on the response object, we found what we were looking for. An attribute titled QuestionDefinitions included information about the current question and its layout, as well as a GradingData attribute which contains the correct response strings which the form auto grades against.

dominos inpect expanded

In this case, the answer to this question is Terry Crews (we discovered that capitalisation doesn’t matter).

Virtually all the questions had the solution encoded in some form or another in this GradingData field, so it was just a matter of clicking through each question, checking the server response object, and selecting the correct answer on the form. You didn’t even need to watch the stream to see the question as the data is sent along with the page request, and since you could navigate between all the questions before they were announced, it was trivial to have the form pre-filled out and submit along with all other participants as they reach the end of the stream.

So that was it — we won.

We are now the proud owners of a Google Sheet with 104 individual codes for one free large traditional pizza, valid for 12 months.

Do I feel like a bad person? Definitely. Was it worth it for an entire year’s supply of pizza? Perhaps. But here’s the kicker:

I don’t even like pizza.