# Plaid CTF: Yet Another Calculator App Participant: Peter Millauer / nitowa (01350868) ## TL;DR / Short Summary Classical XSS web exploit. The solution used special string replacement patterns to break out of string escapes. ## Task Description ## Analysis Steps Explain your analysis in detail. Cover all the technical aspects, including the used tools and commands. Mention other collaborators and distinguish contributions. ## Vulnerabilities / Exploitable Issue(s) List security issues you discovered in the scope of the task and how they could be exploited. ## Solution Provide a clean (i.e., without analysis and research steps) guideline to get from the task description to the solution. If you did not finish the task, take your most promising approach as a goal. ## Failed Attempts Describe attempts apart from the solution above which you tried. Recap and try to explain why they did not work. ## Alternative Solutions If you can think of an alternative solution (or there are others already published), compare your attempts with those. ## Lessons Learned Document what you learned during the competition. ## References List external resources (academic papers, technical blogs, CTF writeups, ...) you used while working on this task.