Any idea how to complete this level.
10 years ago
1
So as far as I can understand I have to bypass the filter and execute this code <script>alert('HackThis!!');</script>
so that when I put this code in the textarea provided and click on submit it should show me a JS alert. I hope I am correct so far. But the question is which filter needs to be bypassed. Will have to do some googling I guess.
Everyone who is currently on this level please share your thoughts.
It’s actually quite simple…. since the script tags are filtered out, try to come up with a payload that is not detdetectedected :D
/dev/null
Me too. I tried to inject some simple XSS at first. It WAS successful but I couldn’t “bypass the filter” as expected. Gotta figure out how the code was filtered. ;)
10 years ago
1
Hi All,
0xDC post which is mentioned above is very helpful. Thanks 0xDC.
So I can get the alert to output but not complete the level. I use something like this [quote=author]<[/quote] I get the alert but not pass the level. Any ideas what I should do?
@Stoned, you have to make the >output< the same as <script>alert('HackThis!!');</script>
If you make people think they’re thinking, they’ll love you. but if you really make them think, they’ll hate you.
~ Harlan Ellison
10 years ago
0
It's not about getting the alert popup I think, cause I completed the level without even getting the pop up.
It should look exactly like it but also work. What you tried looks like it, yes but it won’t work :)
Any helpful suggestions, hints, tips?? I'm sure it's something simple but probably over thinking it (-_-)
10 years ago
0
Well StonedNinjaLUFC,
I would suggest that you see the post by 0xDC on this thread, especially the last word and how it's written. Hope this helps.
It’s indeed really simple, take a look what exactly is filtered and try to bypass it. @0xDC’s post is very helpful :)
You talk about other things, but my question is what is "token"? I have found a code for that but I can't bypass…
"Token" is a part of the solution or am I completely out??
Thanks you guys…
“Potius mori quam foedari”
10 years ago
0
I don’t think it has anything to do with completing the level. I know that there is a hidden input but I don’t think it has anything to do with completing the level. I might be wrong though.
The hidden input has nothing to do with completing the level … for more information on what it is see https://www.hackthis.co.uk/articles/cross-site-request-forgery
Thanks guys, you saved me from losing a lot of time…
“Potius mori quam foedari”
@AHSR: As we mentioned above, you have to print the exact output as required:
<script>alert('HackThis!!');</script>
It isn't about making the alert box appear.
It has to be exactly this:
<script>alert('HackThis!!');</script>
Your way works but isn’t the way how it was intended.
I actually already wrote flabby a PM because I don't think this should work..
I won’t send you the solution.
Take a look at the hints posted in here they are quite useful and the level is not as hard as it might seem to be.
Everybody should have to do some R n D on the filtration bypass
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
Check it out, hope it'll help you some
For anyone who is still struggling with this level, read @0xDC's post about this, especially the last word, it's really important
To all the people out there struggling with this level:
The idea is NOT to create an XSS but to BYPASS the XSS filter. As you might have noticed, the script tags are filtered out, there is a (rather simple) way to bypass this. Create a payload where the end result is the script tags are displayed.
Another clue can be found in my earlier posts and I normally don’t make typos (another hint).
Good luck to you all!
/dev/null
No need to search for bypassing techniques. As you can clearly tell in addition to what everyone is saying, anything that comes between tags gets filtered out.
No fancy encoding and stuff needed though. Trick is to confuse the application that you’re not using anything between tags but in reality you are.
Guys this level is fuckin twisted !!
And also there is no need of any special bypassing technique, it's just playing with the script tags !!
Good luck .
- @IAmDevil
It's good to be back! :D
10 years ago
-1
Yes 0xDC is correct, all you need to do is to fiddle with the tag and also the previous post by 0xDC provides a very big clue to solve this level. Look at the last word posted by 0xDC very carefully in the previous post.
10 years ago
0
dauphindiamant,
The answer is already provided on this thread. Check 0xDC’s post especially the last word.
10 years ago
0
Well I shouldn't say it's the answer but it is a very big clue to complete this level.
[quote=IAmDevil]no need of any bypassing technique[/quote]
That is a simple bypassing technique for a specific (read: bad) protection. I’ve actually seen this one out there…
- daMage
interesting read helped me complete this level http://www.trailofbits.com/resources/blackbox_reversing_of_xss_filters_slides.pdf
Thanks for your document, @iluvz2sp00ge . It's great when everyone spreads their knowledge. :D
@dauphindiamant: What’s your problem, dude? There’s a lot of hints in this thread which can help you.
@dauphindiamant: There are a lot of posts in the Intermediate Level 4 thread that can help you, dude. Just read all.
We don’t even type passwords in the forum and now you ask for a video? ;)
Let me see… Ah! The holy word from @0xDC which can help you to pass this level:
detdetectedected
Don't surrender @silverrp123 !!!
Keep trying it just has to do with the tags nothing much !!
- @IAmDevil
It's good to be back! :D
The only thing left to say is the right answer itself. Read the whole thread and if you still can’t find it then just try another level.
silverrp123, a hard way and an easy way to solve this.
1- The easy way: a simple Google search on stupid ways to filter XSS and understanding the str_replace() function in PHP + some really simple logic
2- The hard way: keep saying "your hints do not help" or "I did not understand your hint" in the forum and wait for someone to hand you the answer, without doing some reading or googling in the first place.
You are going the hard way.
I Hate Signatures.
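To make the str_replace() hint above concrete from a defender's side, here is an added example that is not from the thread or from HackThis: a constructed single-pass blocklist filter that mimics PHP's str_replace() behaviour (an assumption about how the level's filter works, not its real code), a version that strips until the output stops changing, and the output-encoding approach that a real application should use instead.

```python
import html
import re

# Constructed stand-in for a blocklist filter that removes the literal tags in
# one pass. Python's str.replace, like PHP's str_replace, does not re-scan the
# text it has already rewritten, so removing a tag can expose a new one that
# was split around it. (Assumption: the level's filter behaves like this.)
def naive_strip_script(user_input: str) -> str:
    for needle in ("<script>", "</script>"):
        user_input = user_input.replace(needle, "")
    return user_input


# Repeating the removal until nothing changes closes the nesting hole, but it
# is still a blocklist: any tag or attribute not on the list passes through.
def strip_until_stable(user_input: str) -> str:
    previous = None
    while previous != user_input:
        previous = user_input
        user_input = naive_strip_script(user_input)
    return user_input


# Output encoding: the browser renders the text verbatim and never parses it
# as markup, so no list of forbidden tags is needed at all.
def escape_for_html(user_input: str) -> str:
    return html.escape(user_input, quote=True)


# Simple check used below: does the final output still contain a script tag
# that a browser would interpret?
def renders_script_tag(output: str) -> bool:
    return re.search(r"<script\b", output, re.IGNORECASE) is not None


if __name__ == "__main__":
    # Constructed sample input in the shape of the thread's hint: each tag is
    # wrapped around a copy of itself so a single removal leaves it intact.
    sample = "<scr<script>ipt>alert('HackThis!!');</scr</script>ipt>"
    for name, fn in (("single pass", naive_strip_script),
                     ("until stable", strip_until_stable),
                     ("html.escape", escape_for_html)):
        out = fn(sample)
        print(f"{name:13}: {out!r} -> script tag rendered: {renders_script_tag(out)}")
```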
@tlotr: This thread should be closed too. :/