nitowa 66254047e7 rename README | hace 2 años | |
---|---|---|
client | hace 2 años | |
src | hace 2 años | |
.yarnrc.yml | hace 2 años | |
Dockerfile | hace 2 años | |
README.md | hace 2 años | |
package-lock.json | hace 2 años | |
package.json | hace 2 años | |
tsconfig.json | hace 2 años | |
yarn.lock | hace 2 años |
Participant: Peter Millauer / nitowa (01350868)
Classical XSS web exploit. The solution used special string replacement patterns to break out of string escapes.
Explain your analysis in detail. Cover all the technical aspects, including the used tools and commands. Mention other collaborators and distinguish contributions.
List security issues you discovered in the scope of the task and how they could be exploited.
Provide a clean (i.e., without analysis and research steps) guideline to get from the task description to the solution. If you did not finish the task, take your most promising approach as a goal.
Describe attempts apart from the solution above which you tried. Recap and try to explain why they did not work.
If you can think of an alternative solution (or there are others already published), compare your attempts with those.
Document what you learned during the competition.
List external resources (academic papers, technical blogs, CTF writeups, …) you used while working on this task.