uGame

Challenge Information

Category: Web Security
Level: easy
Points: 50

description

we are creating a new social media app for gaming , make sure its secure enough.

Solution

after access the lab u see input text i try to input any value to see where it's stored in source code

now after type any value I'll try to input simple payload to get alert

okay , from above we now know the validation skip any thing after <script so , I'll try to use < svg or <img , anything without <script so the final payload is :

<svg src=<any_invalid_value> onerror=alert(1)>

you should input in src invalid value to make onerror true to get alert and typr it you get the flag in alert

Previousx corp Nextbean

Last updated 7 months ago