# 0422: Window Maker

| Name                                                                    | Authors                               | Category                 |
| ----------------------------------------------------------------------- | ------------------------------------- | ------------------------ |
| [Intigriti April Challenge (2022)](https://challenge-0422.intigriti.io) | [huli](https://twitter.com/aszx87410) | XSS, Prototype Pollution |

## Video Walkthrough

[![4 hackers, one XSS challenge! Solution to April '22 XSS Challenge](https://img.youtube.com/vi/BW_-RCo9lo8/0.jpg)](https://www.youtube.com/watch?v=BW_-RCo9lo8)

## Challenge Description

> Find a way to execute arbitrary javascript on the challenge page and win Intigriti swag.

## Useful Resources

* [XSS cheatsheet](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet)
* [Prototype Pollution](https://portswigger.net/web-security/prototype-pollution)

## Community Writeups

1. [lfama](https://gist.github.com/lfama/b80c6bef8fac78d2ad7b07eb11c66609)
2. [goku-kaioken](https://github.com/goku-KaioKen/intigriti/blob/main/challenge-writeups/Challenge-0422.pdf)
3. [therealbrenu](https://dev.to/therealbrenu/intigriti-0422-xss-challenge-writeup-4n3m)
4. [maitaii](https://github.com/leonsirio/CTF_Writeup/blob/main/XSS_Intigriti/Intigriti_0422_Writeup.pdf)
5. [1chig0](https://1chig0.notion.site/1chig0/Intigriti-s-0422-XSS-challenge-54a9ccefb6a84208a71e8ddd5225935a)
6. [brzozowski](https://www.brzozowski.io/web-applications/2022/04/24/intigritis-april-xss-challenge-writeup.html)
7. [kza](https://klefz.se/2022/04/25/intigritis-april-xss-challenge-2022-write-up)
8. [lzzluca](https://nerdstuckathome.wordpress.com/2022/04/24/intigriti-challenge-0422)