Xss
Dojo #23
by YesWeHack
5Ways2XSS - DOJO #23 (Until 11/05/2023)
Hint
Focus on one XSS section at a time to avoid headaches! ;)
Also... forward slashes (/) are your best friend, who even needs spaces these days...?
Rules
(README)
BRUTE FORCE IS NOT ALLOWED!
A valid solution must fulfil all these requirements:
Input rules for each section:
- [ ] (1) - Classic XSS by using HTML tags
- [ ] (2) - Perform an XSS by staying inside the original <script> tags
- [ ] (3) - XSS inside the 'src' value
  Don't break out of the quotes
- [ ] (4) - XSS inside the '' tag
  Don't create a new HTML tag or break the original one
- [ ] (5) - Execute a DOM XSS by staying inside the input value
  Don't break out of the quotes
GOAL
Follow the rules and write a single XSS payload that executes on all five different inputs ($xss)
Tips
The browser console will be useful, especially the console tab. Use it to track your progress!
Use the JavaScript function console.log() instead of alert() and log the input section number you are testing.
Example:
$xss section (1) -> console.log(1)
$xss section (2) -> console.log(2)
etc...
Story time
No story this time, it's time for you to create an amazing XSS payload!