XSS challenge pwnthecode

dancezar · November 10, 2014

URL: http://www.pwnthecode.org/challenges/xss_chall.php/Y2FjYXQ=

Level: ?

Cerinte:

1) Folositi numai google chrome (cu altceva nu merge rezolvat)

2) Scoateti o alerta ( nu confirm nu promt) cu document.cookie

Hint: Ca sa nu va bateti capu aiurea , nu are legatura cu sursa obuscata

Solvers:

-BitMap

-dcristi

-dekeeu

-

Edited November 14, 2014 by danyweb09

dancezar · November 11, 2014


*.*.*.* - - [10/Nov/2014:19:13:09 +0100] "GET  HTTP/1.0" 304 198 "http://www.pwnthecode.org/challenges/xss_chall.php/ce-ai-facut-mai-dany-aici-))" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"

:)) )) bine

Baieti ... e un string codat in base64 zau , toti numai dupa stringul in base64 anaintea lui ,in interiorul lui , dar de decodat si codat la loc ati incercat? :))

Este doom apropo...

BitMap · November 11, 2014

Stiam eu ca o sa se uite cineva pe acolo ;))

Mai glumim, mai incercam, dar dovada stii cam pe unde e

GJ.

dancezar · November 12, 2014

Stiam eu ca o sa se uite cineva pe acolo
Mai glumim, mai incercam, dar dovada stii cam pe unde e
GJ.

:)) ))))))) nu ma asteptam ca tu sa fi fost, bravo boss, interesanta rezolvarea ta ai pm cu cea pe care am gandito eu .

Apropo uitati ceva interesant din loguri:


*.*.*.* - - [12/Nov/2014:01:34:40 +0100] "GET /challenges/xss_chall.php/acunetix-wvs-test-for-some-inexistent-file HTTP/1.0" 200 6310 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"

sau de la acelasi persoana:


*.*.*.*- - [12/Nov/2014:01:34:55 +0100] "GET /challenges/xss_chall.php/?page=../../../../../../../../../etc/passwd%00.jpg HTTP/1.0" 200 6203 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"


*.*.*.* - - [12/Nov/2014:01:35:12 +0100] "GET /challenges/xss_chall.php//.../.../.../.../.../.../.../.../windows/win.ini HTTP/1.0" 200 6203 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"

Edited November 12, 2014 by danyweb09

SilenTx0 · November 12, 2014

Hai cu Haviju'.

dcristi · November 12, 2014

Cu firefox se pune?

Edited November 12, 2014 by dcristi

SilenTx0 · November 12, 2014

Cu firefox se pune?

Da se pune, felicit?ri.

akkiliON · November 12, 2014

A l?sat o "urm?" @dcristi. Ar fi bine s? o cenzura?i.

dcristi · November 12, 2014

A l?sat o "urm?" @dcristi. Ar fi bine s? o cenzura?i.

Done. Scuze.

dancezar · November 12, 2014

Done. Scuze.

Sa zicem ... Desi pe chrome nu are cum sa mearga

dekeeu · November 12, 2014

dcristi · November 14, 2014

Sign In

XSS challenge pwnthecode

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation