Categories
CTF Writeups

Bug Poc XSS Challenge #2

1. Send a postMessage containing the XSS payload.
2. Use Angular CSTI to bypass CSP.
3. Use JSFuck and an Angular sandbox escape to pop an alert.

Categories
CTF Writeups

UTCTF 2020 – Chatt With Bratt

1. Send XSSHunter payload.
2. View secret cookie in XSSHunter.

Categories
CTF Writeups

UTCTF 2020 – Observe Closely

1. Use Binwalk to extract hidden binary.
2. Run hidden binary.