cure53 / xsschallengewiki Goto Github PK
View Code? Open in Web Editor NEWWelcome to the XSS Challenge Wiki!
Welcome to the XSS Challenge Wiki!
I tried to replay solution 8 on prompt.ml with latest chrome, firefox and safari. Did not reproduce the prompt(1) output.
Can you please review it?
The Older-Challenges-and-Write-Ups page has links to write-ups for some of the older challenges. However, I think it would be nice to get the write-ups in the same wiki format, so maybe we could port the older write-ups (while of course linking to them etc).
Another benefit of this is that the techniques doesn't go lost if the respective write-up is taken offline. I didn't want to start porting before I got you other people's opinion. What do you guys think?
I think we are close to be ready. If you think so too please comment real quick with a "+1" or "-1". Thanks!
I think it could be better if we can add it on every write-up, as some people may just want to solve it themselves first (I mean, the challenge link is inside the write-up).
I'm not familiar with Github wiki, but I think the ideal way to do it is to place a prompt message to make sure if one really wants to read the write-up, if not feasible we can just put up a header section.
Thoughts?
It seems some changes were reverted. Is that a mistake?
in $events array at:
https://github.com/cure53/XSSChallengeWiki/wiki/XSSMas-Challenge-2015
there is incorrect event name:
'oppopstate',
instead of the correct event name:
'onpopstate',
https://developer.mozilla.org/en-US/docs/Web/API/WindowEventHandlers/onpopstate
I think we need to create a custom menu or sidebar for puzzles/challenges made by the same author, like kcal.pw, etc. in order to have an organized list.
What do you think?
There were some new levels added to prompt.ml, writeups need to be added for them.
"><svg t=#"onload="prompt(1)
works at least on Firefox
The solution for challenge: http://prompt.ml/4 as provided on https://github.com/cure53/XSSChallengeWiki/wiki/prompt.ml#level-4 isn't working.
I want to use Sourcegraph for xss-challenge-wiki code search, browsing, and usage examples. Can an admin enable Sourcegraph for this repository? Just go to https://sourcegraph.com/github.com/cure53/xss-challenge-wiki. (It should only take 30 seconds.)
Thank you!
In Level-8, the writeup themes doesn't work.
my local test is down below:
<script>
// console.log("
alert(1)<!--");
</script>
<script>
// console.log("
alert(1)-->");
</script>
and I can't bypass the Line Break(with [U+2028]), anyone can help?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.