Intigriti's August 2024 CTF Challenge
August 15, 2024
Belgian ethical hacking platform Intigriti hosted a new monthly CTF (Capture the flag) challenge in August 2024.
- I uploaded a PDF containing my writeup that can be read below or downloaded here: PDF
- The challenge source code can be found here: ZIP
The challenge was build around a safe note taking application that contained an open redirect which was chained to a path traversal leading to a blind XSS. This could be abused to exfiltrate the web application admin web cookies.
Embedded writeup PDF:
Latest Posts
- August CTF Challenge 2024 - Intigriti June XSS Challenge 2023 - Intigriti April CTF Challenge 2023 - Intigriti December XSS Challenge 2022 - Intigriti July XSS Challenge 2022 - Intigriti March XSS Challenge 2022 - Intigriti April XSS Challenge 2022 - Intigriti January XSS Challenge 2022 - Intigriti December XSS Challenge 2021 - Intigriti October XSS Challenge 2021 - Intigriti September XSS Challenge 2021 - Intigriti May XSS Challenge 2021 - Intigriti March XSS Challenge 2021 - Intigriti November XSS Challenge 2020 - Intigriti May XSS Challenge 2020 - Intigriti KIBA - Try Hack Me