Intigriti's December 2021 XSS Challenge

December 26, 2021

During the week of Christmas 2021 the Belgian ethical hacking platform Intigriti hosted a new XSS (cross site scripting) challenge.

I uploaded a PDF containing my writeup that can be read below or downloaded here: PDF
I also created a small POC video that shows the XSS attack: POC Video

The POC video shows the local MAMP web server running my PHP redirect page to alter the referer HTML comment in the source code of the challenge page. Once the victim visits my webserver a redirect will happen towards the challenge page and the XSS attack will fire.

Embedded writeup PDF:

Latest Posts

June XSS Challenge 2023 - Intigriti
April CTF Challenge 2023 - Intigriti
February XSS Challenge 2023 - Intigriti
December XSS Challenge 2022 - Intigriti
July XSS Challenge 2022 - Intigriti
March XSS Challenge 2022 - Intigriti
February XSS Challenge 2022 - Intigriti
January XSS Challenge 2022 - Intigriti
December XSS Challenge 2021 - Intigriti
October XSS Challenge 2021 - Intigriti
September XSS Challenge 2021 - Intigriti
May XSS Challenge 2021 - Intigriti
March XSS Challenge 2021 - Intigriti
November XSS Challenge 2020 - Intigriti
May XSS Challenge 2020 - Intigriti
KIBA - Try Hack Me