HackCommunity XSS challenge

(09-26-2012, 09:10 PM)1234hotmaster Wrote:

[To see links please register here]

Well looking at JS i just noticed there is the String.fromCharCode function XD

I feel like I'm forgetting all of these... I still remember my old XSS tunnel setup :biggrin:

You're using IE? *facepalm*

(09-27-2012, 04:26 AM)killerOfCode Wrote:

[To see links please register here]

(09-26-2012, 09:10 PM)1234hotmaster Wrote:

[To see links please register here]

Well looking at JS i just noticed there is the String.fromCharCode function XD

I feel like I'm forgetting all of these... I still remember my old XSS tunnel setup :biggrin:

You're using IE? *facepalm*

Some browsers don't show the XSS alert... Internet Explorer shows it about 99% of the time sir.

Fuck Level 2 , i wonder why i can't do that ,:tongue: , realize it was my goddamn browsers Security Addons

(09-27-2012, 08:25 AM)Shining White Wrote:

[To see links please register here]

fudge Level 2 , i wonder why i can't do that ,:tongue: , realize it was my goddamn browsers Security Addons :tongue:

I was seriously worried the challenge will last only a day, but seeing it took 1 day only to solve 2 challenges xD

I'll be slowly making guides for every solved challenge. Starting with a guide: choosing the right browser

(09-27-2012, 09:06 AM)1llusion Wrote:

[To see links please register here]

(09-27-2012, 08:25 AM)Shining White Wrote:

[To see links please register here]

fudge Level 2 , i wonder why i can't do that ,:tongue: , realize it was my goddamn browsers Security Addons :tongue:

I was seriously worried the challenge will last only a day, but seeing it took 1 day only to solve 2 challenges xD

I'll be slowly making guides for every solved challenge. Starting with a guide: choosing the right browser :tongue:

yeah that will helpful :lol:

---

Level : 3

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

(09-27-2012, 10:33 AM)Shining White Wrote:

[To see links please register here]

Level : 4

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

u r cheating, owasp => CTRL - C + CTRL - V :tongue:

Level : 4

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

(09-27-2012, 10:33 AM)Shining White Wrote:

[To see links please register here]

Level : 4

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

I don't agree with this way of solving challenge 4. I'm sorry but get us an alert box :tongue: HTML injection by itself doesn't do much.

(09-27-2012, 10:37 AM)bluedog.tar.gz Wrote:

[To see links please register here]

(09-27-2012, 10:33 AM)Shining White Wrote:

[To see links please register here]

Level : 4

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

u r cheating, owasp => CTRL - C + CTRL - V :tongue:

Lulz , Theres no such word "Cheat" exicist on the World of Hax :tongue:
and the OWASP Mantra can what ? using XSS me not working coz of Illusion had
fix the Injecting Code System ,
can you hax those with Mantra Addon or any plugin , i yes i wonder if you can teach me or suggest me the Addon , plugin :tongue:


and the Illusion , you mean it can't inject via HTML ? in level 4 ,
what about the level 3 then ?

(09-27-2012, 10:59 AM)Shining White Wrote:

[To see links please register here]

(09-27-2012, 10:37 AM)bluedog.tar.gz Wrote:

[To see links please register here]

(09-27-2012, 10:33 AM)Shining White Wrote:

[To see links please register here]

Level : 4

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

u r cheating, owasp => CTRL - C + CTRL - V :tongue:

Lulz , Theres no such word "Cheat" exicist on the World of Hax :tongue:
and the OWASP Mantra can what ? using XSS me not working coz of Illusion had
fix the Injecting Code System ,
can you hax those with Mantra Addon or any plugin , i yes i wonder if you can teach me or suggest me the Addon , plugin :tongue:


and the Illusion , you mean it can't inject via HTML ? in level 4 ,
what about the level 3 then ?

You can inject HTML, however, I'd like to see an alert box rather than text. The level 4 is about javascript syntax so just putting

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

kinda ruins the point of that challenge :smile:

I'll add this to the rules :tongue:

EDIT: Added 6th challenge
EDIT2: Added 7th challenge