SilenTx0 Posted November 26, 2014 Report Share Posted November 26, 2014 (edited) Link: http://pwnthecode.org/challenges/xss_chall2.php?xss=xTask: Execut? orice cod Javascript f?r? interac?iunea utilizatorului(sau cu un minim de interac?iune din partea utilizatorului).Rezolv?rile mi le trimite?i prin PM.Solvers: @Nytro Edited December 2, 2014 by SilenTx0 Quote Link to comment Share on other sites More sharing options...
Active Members MrGrj Posted November 26, 2014 Active Members Report Share Posted November 26, 2014 E down site-ul ? Quote Link to comment Share on other sites More sharing options...
behave Posted November 26, 2014 Report Share Posted November 26, 2014 E down site-ul ?A confundat cineva xss cu ddos Quote Link to comment Share on other sites More sharing options...
Ganav Posted November 26, 2014 Report Share Posted November 26, 2014 Sunt multi scanagii pe aici. Cauta in log-uri string-ul acunetix. Quote Link to comment Share on other sites More sharing options...
SilenTx0 Posted November 27, 2014 Author Report Share Posted November 27, 2014 Era o problema de la SSL. Acum e up. Quote Link to comment Share on other sites More sharing options...
KRONZI Posted November 27, 2014 Report Share Posted November 27, 2014 e tot down... Quote Link to comment Share on other sites More sharing options...
sleed Posted November 27, 2014 Report Share Posted November 27, 2014 KRONZI e tot down... Pentru cei ca tine de incearca cu acunetixu si brute force , down va fi pe vecie. Quote Link to comment Share on other sites More sharing options...
bhackery Posted November 27, 2014 Report Share Posted November 27, 2014 (edited) @SilenTx0 ti-am trimis PM. Mersi.Edit: Acum am inteles la ce te referi prin "minim de interactiune". Mai incerc si revin. Edited November 27, 2014 by blueray Quote Link to comment Share on other sites More sharing options...
QUADMACHINE Posted November 27, 2014 Report Share Posted November 27, 2014 https://pwnthecode.org/challenges/xss_chall2.php?xss=xhttp://pwnthecode.org/challenges/xss_chall2.php?xss=x Acum functioneaza Quote Link to comment Share on other sites More sharing options...
SilenTx0 Posted November 27, 2014 Author Report Share Posted November 27, 2014 Solu?ia trimisa de blueray este urm?toarea: http://www.pwnthecode.org/challenges/xss_chall2.php?xss=%22%20onmouseover=%22var%20a=%27aler%27,%20b=%27t%281%29%27;%20eval%28a.concat%28b%29%29;%Solu?ia lui nu e buna pentru ca vectorul trebuie executat f?r? interac?iunea utilizatorului (sau cu un minim de interactiune). In cazul sau, codul se executa doar daca userul trece cu mouse-ul peste div-ul xss_chall. Prin "minim de interactiune" se în?elege ca vectorul sa se execute indiferent unde e victima cu mouse-ul pe pagina, iar in cel mai rau caz, sa trebuiasc? sa miste maxim 1px mouse-ul pentru ca vectorul sa se execute). 1 Quote Link to comment Share on other sites More sharing options...
pr0st Posted December 2, 2014 Report Share Posted December 2, 2014 http://www.pwnthecode.org/challenges/xss_chall2.php?xss=1337" onmouseover="prompt(/challenge solved/)" pr0st=" Quote Link to comment Share on other sites More sharing options...
SilenTx0 Posted December 2, 2014 Author Report Share Posted December 2, 2014 http://www.pwnthecode.org/challenges/xss_chall2.php?xss=1337" onmouseover="prompt(/challenge solved/)" pr0st="Care parte din "SOLUTIILE SE TRIMIT PRIN PM" nu o în?elegi?Btw, solu?ia ta nu e buna. Quote Link to comment Share on other sites More sharing options...
pr0st Posted December 2, 2014 Report Share Posted December 2, 2014 sorry in english pls. Quote Link to comment Share on other sites More sharing options...