Carlos Villa Sánchez carlosvillasanchez
🔨
carlosvillasanchez
/ challenge-3.js
Last active
October 30, 2021 10:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div id="html" class="text"> | |
| <h1 class="light"> | |
| </h1> | |
| </div> | |
| <div id="intigriti"> | |
| <div id="last"> | |
| <script> | |
| <div class="a"> | |
| (...) |
carlosvillasanchez
/ challenge-2.html
Last active
October 30, 2021 10:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div id="html" class="text"> | |
| <h1 class="light"> | |
| </h1> | |
| </div> | |
| <div id="intigriti"> | |
| <div class="a">'"</div> | |
| <div id="container"> | |
| <span>I</span> |
carlosvillasanchez
/ challenge.html
Last active
October 30, 2021 10:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div id="html" class="text"> | |
| <h1 class="light"> | |
| INPUT | |
| <div class="a">'"</div> | |
| <div id="container"> | |
| <span>I</span> | |
| <span>I</span> | |
| </div> |
carlosvillasanchez
/ challenge-code-variable-names.js
Created
October 30, 2021 09:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| window.addEventListener("DOMContentLoaded", function () { | |
| jsCode = `)]}'` + new URL(location.href).searchParams.get("xss"); | |
| lastElementOfBody = document.getElementById("body").lastElementChild; | |
| if (lastElementOfBody.id === "intigriti") { | |
| lastElementOfIntigriti = lastElementOfBody.lastElementChild; | |
| htmlOfLastElementOfIntigriti = lastElementOfIntigriti.innerHTML.trim(); | |
| jsPrefix = htmlOfLastElementOfIntigriti.substr(htmlOfLastElementOfIntigriti.length - 4); | |
| jsCode = jsPrefix + jsCode; | |
| } | |
| let scriptTag = document.createElement("script"); |
carlosvillasanchez
/ challenge-code.js
Created
October 30, 2021 09:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| window.addEventListener("DOMContentLoaded", function () { | |
| e = `)]}'` + new URL(location.href).searchParams.get("xss"); | |
| c = document.getElementById("body").lastElementChild; | |
| if (c.id === "intigriti") { | |
| l = c.lastElementChild; | |
| i = l.innerHTML.trim(); | |
| f = i.substr(i.length - 4); | |
| e = f + e; | |
| } | |
| let s = document.createElement("script"); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(1) |