bi0s
  •  Home
  •  Categories
  •  Archives
  •  Tags
  •  Home
  •  Categories
  •  Archives
  •  Tags

കുട്ടി Notes - bi0sCTF 2024

Lu513n
2024-02-29
Web

tl;dr

  • DOM Clobbering to Redirect to another page
  • Increasing Content using SQL Injection giving the same column multiple times
  • Connection-Pool XS-Leaks to measure the time for the page to load
  • Leak the flag character by character using the above techniques
Read More
bi0sCTF DOM Clobbering XS-Leaks

Shisui - Fword CTF 2021

Yadhu Krishna M
2021-08-30
Web Exploitation

tl;dr

  • XSS using DOM Clobbering
  • <a id="showInfos"></a><a id="SETTINGS" name=check data-timezone="aaa" data-location="eval(window.name)"><a id="SETTINGS" name="x">
  • Bypass CSRF protection to execute XSS and read flag.
Read More
FwordCTF XSS DOM Clobbering

Official blog of team bi0s

  Projects
  •   bi0s-wargame
    (Unraveling)
  •   bi0s-wiki
    (Free Encyclopedia)
  •   InCTF
    (Nationals CTF)
  •   InCTFj
    (Juniors CTF)

Made With Love and Coffee



Blog content follows the Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) License

Use Material X as theme, total visits times.